Commit Graph

3955 Commits

  • voice transcription (#3381)
    Adds voice transcription on press-and-hold of spacebar.
    
    
    https://github.com/user-attachments/assets/85039314-26f3-46d1-a83b-8c4a4a1ecc21
    
    ---------
    
    Co-authored-by: Codex <199175422+chatgpt-codex-connector[bot]@users.noreply.github.com>
    Co-authored-by: David Zbarsky <zbarsky@openai.com>
  • fix: show command running in background terminal in details under status indicator (#12549)
    #### What
    Display in-progress background terminal command in `status.details`
    (right under header) rather than inline, as it gets cut off currently.
    
    ###### Before
    <img width="993" height="395" alt="image"
    src="https://github.com/user-attachments/assets/6792b666-8184-40f7-bf29-409bb06c21d5"
    />
    
    ###### After
    <img width="469" height="137" alt="image"
    src="https://github.com/user-attachments/assets/4d6a2481-bd19-4333-8c1a-92f521b09b3d"
    />
    
    #### Tests
    Added/updated tests
  • chore(deps): bump owo-colors from 4.2.3 to 4.3.0 in /codex-rs (#12530)
    Bumps [owo-colors](https://github.com/owo-colors/owo-colors) from 4.2.3
    to 4.3.0.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a
    href="https://github.com/owo-colors/owo-colors/releases">owo-colors's
    releases</a>.</em></p>
    <blockquote>
    <h2>owo-colors 4.3.0</h2>
    <h3>Fixed</h3>
    <ul>
    <li>Scripts in the <code>scripts/</code> directory are no longer
    published in the crate package. Thanks <a
    href="https://redirect.github.com/owo-colors/owo-colors/pull/152">weiznich</a>
    for your first contribution!</li>
    </ul>
    <h3>Changed</h3>
    <ul>
    <li>
    <p>Mark methods with
    <code>#[rust_analyzer::completions(ignore_flyimport)]</code> and the
    <code>OwoColorize</code> trait with
    <code>#[rust_analyzer::completions(ignore_flyimport_methods)]</code>.
    This prevents owo-colors methods from being completed with rust-analyzer
    unless the <code>OwoColorize</code> trait is included.</p>
    <p>Unfortunately, this also breaks explicit autocomplete commands such
    as Ctrl-Space in many editors. (The language server protocol doesn't
    appear to have a way to differentiate between implicit and explicit
    autocomplete commands.) On balance we believe this is the right
    approach, but please do provide feedback on [PR <a
    href="https://redirect.github.com/owo-colors/owo-colors/issues/141">#141</a>](<a
    href="https://redirect.github.com/owo-colors/owo-colors/pull/141">owo-colors/owo-colors#141</a>)
    if it negatively affects you.</p>
    </li>
    <li>
    <p>Updated MSRV to Rust 1.81.</p>
    </li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a
    href="https://github.com/owo-colors/owo-colors/blob/main/CHANGELOG.md">owo-colors's
    changelog</a>.</em></p>
    <blockquote>
    <h2>[4.3.0] - 2026-02-22</h2>
    <h3>Fixed</h3>
    <ul>
    <li>Scripts in the <code>scripts/</code> directory are no longer
    published in the crate package. Thanks <a
    href="https://redirect.github.com/owo-colors/owo-colors/pull/152">weiznich</a>
    for your first contribution!</li>
    </ul>
    <h3>Changed</h3>
    <ul>
    <li>
    <p>Mark methods with
    <code>#[rust_analyzer::completions(ignore_flyimport)]</code> and the
    <code>OwoColorize</code> trait with
    <code>#[rust_analyzer::completions(ignore_flyimport_methods)]</code>.
    This prevents owo-colors methods from being completed with rust-analyzer
    unless the <code>OwoColorize</code> trait is included.</p>
    <p>Unfortunately, this also breaks explicit autocomplete commands such
    as Ctrl-Space in many editors. (The language server protocol doesn't
    appear to have a way to differentiate between implicit and explicit
    autocomplete commands.) On balance we believe this is the right
    approach, but please do provide feedback on [PR <a
    href="https://redirect.github.com/owo-colors/owo-colors/issues/141">#141</a>](<a
    href="https://redirect.github.com/owo-colors/owo-colors/pull/141">owo-colors/owo-colors#141</a>)
    if it negatively affects you.</p>
    </li>
    <li>
    <p>Updated MSRV to Rust 1.81.</p>
    </li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a
    href="https://github.com/owo-colors/owo-colors/commit/baf10f9a74007501379afdc002394a15a787dc59"><code>baf10f9</code></a>
    [owo-colors] version 4.3.0</li>
    <li><a
    href="https://github.com/owo-colors/owo-colors/commit/6abe2026c56ef6eefda30d417462f28f9ea8854d"><code>6abe202</code></a>
    [meta] prepare changelog</li>
    <li><a
    href="https://github.com/owo-colors/owo-colors/commit/ca814470410c819568b381b9b2b3f7a184e7de28"><code>ca81447</code></a>
    [RFC] add ignore_flyimport and ignore_flyimport_methods (<a
    href="https://redirect.github.com/owo-colors/owo-colors/issues/141">#141</a>)</li>
    <li><a
    href="https://github.com/owo-colors/owo-colors/commit/61de72e7f9487a945e8ea59afb9aa1b2046a2bd7"><code>61de72e</code></a>
    Exclude development script from published package (<a
    href="https://redirect.github.com/owo-colors/owo-colors/issues/152">#152</a>)</li>
    <li><a
    href="https://github.com/owo-colors/owo-colors/commit/b2ad6bcd4156207bcbc4c756c0c926e02667a872"><code>b2ad6bc</code></a>
    update MSRV to Rust 1.81 (<a
    href="https://redirect.github.com/owo-colors/owo-colors/issues/156">#156</a>)</li>
    <li>See full diff in <a
    href="https://github.com/owo-colors/owo-colors/compare/v4.2.3...v4.3.0">compare
    view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility
    score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=owo-colors&package-manager=cargo&previous-version=4.2.3&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't
    alter it yourself. You can also trigger a rebase manually by commenting
    `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits
    that have been made to it
    - `@dependabot show <dependency name> ignore conditions` will show all
    of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop
    Dependabot creating any more for this major version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop
    Dependabot creating any more for this minor version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop
    Dependabot creating any more for this dependency (unless you reopen the
    PR or upgrade to it yourself)
    
    
    </details>
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • fix(tui): queue steer Enter while final answer is still streaming to prevent dead state (#12569)
    ## Summary
    This fixes a TUI race (https://github.com/openai/codex/issues/11008)
    where pressing Enter with Steer enabled while the assistant is still
    streaming the final answer could put Codex into a non-recoverable
    “running” state (no further prompts handled until exiting and resuming).
    
    ## Root Cause
    In steer mode, `InputResult::Submitted` could submit immediately even
    while a final-answer stream was active. That immediate submission races
    with turn completion and can strand turn state.
    
    ## Fix
    When handling `InputResult::Submitted`, we now queue instead of
    immediate-submit if a final-answer stream is active
    (`stream_controller.is_some()`).
    
    This keeps behavior deterministic:
    - Prompt is preserved in the queue.
    - `on_task_complete()` drains queued input through
    `maybe_send_next_queued_input()`.
    - Follow-up prompts continue in FIFO order after completion.
    
    ## Why this resolves the “dead mode”
    The problematic timing window is now converted into queueing, so prompts
    entered during final streaming are not lost and are processed after the
    current output ends. The model continues handling prompts normally
    without requiring `/quit` + `resume`.
    
    ## Tests
    Added regression coverage in `tui/src/chatwidget/tests.rs`:
    
    - `steer_enter_queues_while_final_answer_stream_is_active`
    - `steer_enter_during_final_stream_preserves_follow_up_prompts_in_order`
    
    Both fail on old behavior and pass with this fix.
  • fix(tui): recover on owned wrap mapping mismatch (#12609)
    ## Summary
    
    - Replace the `panic!` in `map_owned_wrapped_line_to_range` with a
    recoverable flow that skips synthetic leading characters, logs a warning
    on mid-line mismatch, and returns the mapped prefix range instead of
    crashing
    - Fixes a crash when `textwrap` produces owned lines with synthetic
    indent prefixes (e.g. non-space indents via
    `initial_indent`/`subsequent_indent`)
    
    ## Test plan
    
    - [x] Added unit test for direct mismatch recovery
    (`map_owned_wrapped_line_to_range_recovers_on_non_prefix_mismatch`)
    - [x] Added end-to-end `wrap_ranges` test with non-space indents that
    forces owned wrapped lines and validates full source reconstruction
    - [x] Verify no regressions in existing `wrapping.rs` tests (`cargo test
    -p codex-tui`)
  • fix: add ellipsis for truncated status indicator (#12540)
    #### What
    
    - Add ellipsis truncation of the status indicator, similar to equivalent
    truncation done in the footer.
    - Extract truncation helpers into separate file
    
    
    
    https://github.com/user-attachments/assets/a2d5f22f-8adc-456e-8059-97359194c25c
    
    
    #### Tests
    Updated relevant snapshot tests
  • Use Arc-based ToolCtx in tool runtimes (#12583)
    ## Why
    Tool handlers and runtimes needed to pass the same turn/session context
    for shell and non-shell workflows without duplicative ownership churn.
    Using shared pointers avoids temporary lifetimes and keeps existing
    behavior unchanged while simplifying call sites.
    
    ## What changed
    - Converted `ToolCtx` to store shared context handles (`Arc`-based),
    including updates across shell, apply-patch, and unified-exec paths.
    - Updated orchestrator/runtime call sites to consume the shared context
    consistently and remove brittle move/borrow patterns.
    - Kept behavior unchanged while preparing the type surface for the new
    shell escalation integration in the next stack commit.
    
    ## Verification
    - Validated this commit stack point with `just clippy` and confirmed
    workspace compiles cleanly in this stack state.
    
    [//]: # (BEGIN SAPLING FOOTER)
    Stack created with [Sapling](https://sapling-scm.com). Best reviewed
    with [ReviewStack](https://reviewstack.dev/openai/codex/pull/12583).
    * #12584
    * __->__ #12583
    * #12556
  • chore(deps): bump syn from 2.0.114 to 2.0.117 in /codex-rs (#12529)
    Bumps [syn](https://github.com/dtolnay/syn) from 2.0.114 to 2.0.117.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a
    href="https://github.com/dtolnay/syn/releases">syn's
    releases</a>.</em></p>
    <blockquote>
    <h2>2.0.117</h2>
    <ul>
    <li>Fix parsing of <code>self::</code> pattern in first function
    argument (<a
    href="https://redirect.github.com/dtolnay/syn/issues/1970">#1970</a>)</li>
    </ul>
    <h2>2.0.116</h2>
    <ul>
    <li>Optimize parse_fn_arg_or_variadic for less lookahead on erroneous
    receiver (<a
    href="https://redirect.github.com/dtolnay/syn/issues/1968">#1968</a>)</li>
    </ul>
    <h2>2.0.115</h2>
    <ul>
    <li>Enable GenericArgument::Constraint parsing in non-full mode (<a
    href="https://redirect.github.com/dtolnay/syn/issues/1966">#1966</a>)</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a
    href="https://github.com/dtolnay/syn/commit/7bcb37cdb3399977658c8b52d2441d37e42e48f2"><code>7bcb37c</code></a>
    Release 2.0.117</li>
    <li><a
    href="https://github.com/dtolnay/syn/commit/9c6e7d3b8df7b30909d60395f88a6ca07688e1c1"><code>9c6e7d3</code></a>
    Merge pull request <a
    href="https://redirect.github.com/dtolnay/syn/issues/1970">#1970</a>
    from dtolnay/receiver</li>
    <li><a
    href="https://github.com/dtolnay/syn/commit/019a84847eded0cdb1f7856e0752ba618155cfc9"><code>019a848</code></a>
    Fix self:: pattern in first function argument</li>
    <li><a
    href="https://github.com/dtolnay/syn/commit/23f54f3cf61ddedd5daea4f347eca2d4b84c8abb"><code>23f54f3</code></a>
    Update test suite to nightly-2026-02-18</li>
    <li><a
    href="https://github.com/dtolnay/syn/commit/b99b9a627c46580343398472e7b08a131357a994"><code>b99b9a6</code></a>
    Unpin CI miri toolchain</li>
    <li><a
    href="https://github.com/dtolnay/syn/commit/a62e54a48b3b05add5df0e80fe93906509ad72ae"><code>a62e54a</code></a>
    Release 2.0.116</li>
    <li><a
    href="https://github.com/dtolnay/syn/commit/5a8ed9f32e572f35a952c05f25beb3bd976300a4"><code>5a8ed9f</code></a>
    Merge pull request <a
    href="https://redirect.github.com/dtolnay/syn/issues/1968">#1968</a>
    from dtolnay/receiver</li>
    <li><a
    href="https://github.com/dtolnay/syn/commit/813afcc7733b02a8ad0a829eef431e593a906379"><code>813afcc</code></a>
    Optimize parse_fn_arg_or_variadic for less lookahead on erroneous
    receiver</li>
    <li><a
    href="https://github.com/dtolnay/syn/commit/c17215011363b8e936b98a9053726abfbc2bdcc4"><code>c172150</code></a>
    Add regression test for issue 1718</li>
    <li><a
    href="https://github.com/dtolnay/syn/commit/0071ab367ca6c42f94209f8187de3e540231427f"><code>0071ab3</code></a>
    Ignore type_complexity clippy lint</li>
    <li>Additional commits viewable in <a
    href="https://github.com/dtolnay/syn/compare/2.0.114...2.0.117">compare
    view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility
    score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=syn&package-manager=cargo&previous-version=2.0.114&new-version=2.0.117)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't
    alter it yourself. You can also trigger a rebase manually by commenting
    `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits
    that have been made to it
    - `@dependabot show <dependency name> ignore conditions` will show all
    of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop
    Dependabot creating any more for this major version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop
    Dependabot creating any more for this minor version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop
    Dependabot creating any more for this dependency (unless you reopen the
    PR or upgrade to it yourself)
    
    
    </details>
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • chore(deps): bump libc from 0.2.180 to 0.2.182 in /codex-rs (#12528)
    Bumps [libc](https://github.com/rust-lang/libc) from 0.2.180 to 0.2.182.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a
    href="https://github.com/rust-lang/libc/releases">libc's
    releases</a>.</em></p>
    <blockquote>
    <h2>0.2.182</h2>
    <h3>Added</h3>
    <ul>
    <li>Android, Linux: Add <code>tgkill</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4970">#4970</a>)</li>
    <li>Redox: Add <code>RENAME_NOREPLACE</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4968">#4968</a>)</li>
    <li>Redox: Add <code>renameat2</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4968">#4968</a>)</li>
    </ul>
    <h2>0.2.181</h2>
    <h3>Added</h3>
    <ul>
    <li>Apple: Add <code>MADV_ZERO</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4924">#4924</a>)</li>
    <li>Redox: Add <code>makedev</code>, <code>major</code>, and
    <code>minor</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4928">#4928</a>)</li>
    <li>GLibc: Add <code>PTRACE_SET_SYSCALL_INFO</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4933">#4933</a>)</li>
    <li>OpenBSD: Add more kqueue related constants for (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4945">#4945</a>)</li>
    <li>Linux: add CAN error types (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4944">#4944</a>)</li>
    <li>OpenBSD: Add siginfo_t::si_status (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4946">#4946</a>)</li>
    <li>QNX NTO: Add <code>max_align_t</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4927">#4927</a>)</li>
    <li>Illumos: Add <code>_CS_PATH</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4956">#4956</a>)</li>
    <li>OpenBSD: add <code>ppoll</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4957">#4957</a>)</li>
    </ul>
    <h3>Fixed</h3>
    <ul>
    <li><strong>Breaking</strong>: Redox: Fix the type of <code>dev_t</code>
    (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4928">#4928</a>)</li>
    <li>AIX: Change 'tv_nsec' of 'struct timespec' to type 'c_long' (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4931">#4931</a>)</li>
    <li>AIX: Use 'struct st_timespec' in 'struct stat{,64}' (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4931">#4931</a>)</li>
    <li>Glibc: Link old version of <code>tc{g,s}etattr</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4938">#4938</a>)</li>
    <li>Glibc: Link the correct version of <code>cf{g,s}et{i,o}speed</code>
    on mips{32,64}r6 (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4938">#4938</a>)</li>
    <li>OpenBSD: Fix constness of tm.tm_zone (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4948">#4948</a>)</li>
    <li>OpenBSD: Fix the definition of <code>ptrace_thread_state</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4947">#4947</a>)</li>
    <li>QuRT: Fix type visibility and defs (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4932">#4932</a>)</li>
    <li>Redox: Fix values for <code>PTHREAD_MUTEX_{NORMAL, RECURSIVE}</code>
    (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4943">#4943</a>)</li>
    <li>Various: Mark additional fields as private padding (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4922">#4922</a>)</li>
    </ul>
    <h3>Changed</h3>
    <ul>
    <li>Fuchsia: Update <code>SO_*</code> constants (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4937">#4937</a>)</li>
    <li>Revert &quot;musl: convert inline timespecs to timespec&quot;
    (resolves build issues on targets only supported by Musl 1.2.3+ ) (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4958">#4958</a>)</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a
    href="https://github.com/rust-lang/libc/blob/0.2.182/CHANGELOG.md">libc's
    changelog</a>.</em></p>
    <blockquote>
    <h2><a
    href="https://github.com/rust-lang/libc/compare/0.2.181...0.2.182">0.2.182</a>
    - 2026-02-13</h2>
    <h3>Added</h3>
    <ul>
    <li>Android, Linux: Add <code>tgkill</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4970">#4970</a>)</li>
    <li>Redox: Add <code>RENAME_NOREPLACE</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4968">#4968</a>)</li>
    <li>Redox: Add <code>renameat2</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4968">#4968</a>)</li>
    </ul>
    <h2><a
    href="https://github.com/rust-lang/libc/compare/0.2.180...0.2.181">0.2.181</a>
    - 2026-02-09</h2>
    <h3>Added</h3>
    <ul>
    <li>Apple: Add <code>MADV_ZERO</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4924">#4924</a>)</li>
    <li>Redox: Add <code>makedev</code>, <code>major</code>, and
    <code>minor</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4928">#4928</a>)</li>
    <li>GLibc: Add <code>PTRACE_SET_SYSCALL_INFO</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4933">#4933</a>)</li>
    <li>OpenBSD: Add more kqueue related constants for (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4945">#4945</a>)</li>
    <li>Linux: add CAN error types (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4944">#4944</a>)</li>
    <li>OpenBSD: Add siginfo_t::si_status (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4946">#4946</a>)</li>
    <li>QNX NTO: Add <code>max_align_t</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4927">#4927</a>)</li>
    <li>Illumos: Add <code>_CS_PATH</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4956">#4956</a>)</li>
    <li>OpenBSD: add <code>ppoll</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4957">#4957</a>)</li>
    </ul>
    <h3>Fixed</h3>
    <ul>
    <li><strong>breaking</strong>: Redox: Fix the type of dev_t (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4928">#4928</a>)</li>
    <li>AIX: Change 'tv_nsec' of 'struct timespec' to type 'c_long' (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4931">#4931</a>)</li>
    <li>AIX: Use 'struct st_timespec' in 'struct stat{,64}' (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4931">#4931</a>)</li>
    <li>Glibc: Link old version of <code>tc{g,s}etattr</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4938">#4938</a>)</li>
    <li>Glibc: Link the correct version of <code>cf{g,s}et{i,o}speed</code>
    on mips{32,64}r6 (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4938">#4938</a>)</li>
    <li>OpenBSD: Fix constness of tm.tm_zone (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4948">#4948</a>)</li>
    <li>OpenBSD: Fix the definition of <code>ptrace_thread_state</code> (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4947">#4947</a>)</li>
    <li>QuRT: Fix type visibility and defs (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4932">#4932</a>)</li>
    <li>Redox: Fix values for <code>PTHREAD_MUTEX_{NORMAL, RECURSIVE}</code>
    (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4943">#4943</a>)</li>
    <li>Various: Mark additional fields as private padding (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4922">#4922</a>)</li>
    </ul>
    <h3>Changed</h3>
    <ul>
    <li>Fuchsia: Update <code>SO_*</code> constants (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4937">#4937</a>)</li>
    <li>Revert &quot;musl: convert inline timespecs to timespec&quot;
    (resolves build issues on targets only supported by Musl 1.2.3+ ) (<a
    href="https://redirect.github.com/rust-lang/libc/pull/4958">#4958</a>)</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a
    href="https://github.com/rust-lang/libc/commit/e879ee90b6cd8f79b352d4d4d1f8ca05f94f2f53"><code>e879ee9</code></a>
    chore: Release libc 0.2.182</li>
    <li><a
    href="https://github.com/rust-lang/libc/commit/2efe72f4dae6feebacaf5ec8a4ec5fdc79569e7b"><code>2efe72f</code></a>
    remove copyright year in LICENSE-MIT</li>
    <li><a
    href="https://github.com/rust-lang/libc/commit/634bc4e66e944d54ebc3d1610175c8c6d390bd29"><code>634bc4e</code></a>
    ci: Update the list of tested and documented targets</li>
    <li><a
    href="https://github.com/rust-lang/libc/commit/d7aa109ab5074dbbd35fb52cc72620e29961e76d"><code>d7aa109</code></a>
    Revert &quot;Disable hexagon-unknown-linux-musl testing for
    now&quot;</li>
    <li><a
    href="https://github.com/rust-lang/libc/commit/14e2f5641e2d4356953b0c95959ccfc86af5dcc3"><code>14e2f56</code></a>
    Revert &quot;ci: Skip hexagon-unknown-linux-musl&quot;</li>
    <li><a
    href="https://github.com/rust-lang/libc/commit/b7807c369b468c369661e81ea6f9f649f3b3ddf3"><code>b7807c3</code></a>
    Revert &quot;aix: Temporarily skip checking powerpc64-ibm-aix
    builds&quot;</li>
    <li><a
    href="https://github.com/rust-lang/libc/commit/abe93a0bfedfe6159252d43e5c4273d0b0833ca4"><code>abe93a0</code></a>
    feat(linux): add <code>tgkill</code> for Linux and Android</li>
    <li><a
    href="https://github.com/rust-lang/libc/commit/25f7dde943988c81871d95aaea1afd49cf11425d"><code>25f7dde</code></a>
    feat(redox): add <code>RENAME_NOREPLACE</code></li>
    <li><a
    href="https://github.com/rust-lang/libc/commit/4b4ce4f2205d22121c5e913b118f8fc776d39897"><code>4b4ce4f</code></a>
    feat(redox): add <code>renameat2</code></li>
    <li><a
    href="https://github.com/rust-lang/libc/commit/ab8c36c49327eeee2b5c3818d6706b499dd890a4"><code>ab8c36c</code></a>
    build(deps): bump vmactions/solaris-vm from 1.2.8 to 1.3.0</li>
    <li>Additional commits viewable in <a
    href="https://github.com/rust-lang/libc/compare/0.2.180...0.2.182">compare
    view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility
    score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=libc&package-manager=cargo&previous-version=0.2.180&new-version=0.2.182)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't
    alter it yourself. You can also trigger a rebase manually by commenting
    `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits
    that have been made to it
    - `@dependabot show <dependency name> ignore conditions` will show all
    of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop
    Dependabot creating any more for this major version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop
    Dependabot creating any more for this minor version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop
    Dependabot creating any more for this dependency (unless you reopen the
    PR or upgrade to it yourself)
    
    
    </details>
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • refactor: normalize unix module layout for exec-server and shell-escalation (#12556)
    ## Why
    Shell execution refactoring in `exec-server` had become split between
    duplicated code paths, which blocked a clean introduction of the new
    reusable shell escalation flow. This commit creates a dedicated
    foundation crate so later shell tooling changes can share one
    implementation.
    
    ## What changed
    - Added the `codex-shell-escalation` crate and moved the core escalation
    pieces (`mcp` protocol/socket/session flow, policy glue) that were
    previously in `exec-server` into it.
    - Normalized `exec-server` Unix structure under a dedicated `unix`
    module layout and kept non-Unix builds narrow.
    - Wired crate/build metadata so `shell-escalation` is a first-class
    workspace dependency for follow-on integration work.
    
    ## Verification
    - Built and linted the stack at this commit point with `just clippy`.
    
    [//]: # (BEGIN SAPLING FOOTER)
    Stack created with [Sapling](https://sapling-scm.com). Best reviewed
    with [ReviewStack](https://reviewstack.dev/openai/codex/pull/12556).
    * #12584
    * #12583
    * __->__ #12556
  • tweaked /clear to support clear + new chat, also fix minor bug for macos terminal (#12520)
    # /clear feature! 
    
    Use /clear to start a new chat with Codex on a clean terminal!
  • remove feature flag collaboration modes (#12028)
    All code should go in the direction that steer is enabled
    
    ---------
    
    Co-authored-by: Codex <noreply@openai.com>
  • chore: better bazel test logs (#12576)
    ## Summary
    
    Improve Bazel CI failure diagnostics by printing the tail of each failed
    target’s test.log directly in the GitHub Actions output.
    
    Today, when a large Bazel test target fails (for example tests of
    `codex-core`), the workflow often only shows a target-level Exit 101
    plus a path to Bazel’s test.log. That makes it hard to see the actual
    failing Rust test and panic without digging into artifacts or
    reproducing locally.
    
    This change makes the workflow automatically surface that information
    inline.
    
      ## What Changed
    
    In .github/workflows/bazel.yml:
    
      - Capture Bazel console output via tee
      - Preserve the Bazel exit code when piping (PIPESTATUS[0])
      - On failure:
          - Parse failed Bazel test targets from FAIL: //... lines
          - Resolve Bazel test log directory via bazel info bazel-testlogs
          - Print tail -n 200 for each failed target’s test.log
          - Group each target’s output in GitHub Actions logs (::group::)
    
    ## Bonus
    Disable `experimental_remote_repo_contents_cache` to prevent "Permission
    Denied"
  • feat: role metrics multi-agent (#12579)
    add metrics for agent role
  • Allow exec resume to parse output-last-message flag after command (#12541)
    Summary
    - mark `output-last-message` as a global exec flag so it can follow
    subcommands like `resume`
    - add regression tests in both `cli` and `exec` crates verifying the
    flag order works when invoking `resume`
    
    Fixes #12538
  • chore: rename memory feature flag (#12580)
    `memory_tool` -> `memories`
  • refactor: decouple MCP policy construction from escalate server (#12555)
    ## Why
    The current escalate path in `codex-rs/exec-server` still had policy
    creation coupled to MCP details, which makes it hard to reuse the shell
    execution flow outside the MCP server. This change is part of a broader
    goal to split MCP-specific behavior from shared escalation execution so
    other handlers (for example a future `ShellCommandHandler`) can reuse it
    without depending on MCP request context types.
    
    ## What changed
    - Added a new `EscalationPolicyFactory` abstraction in `mcp.rs`:
      - `crate`-relative path: `codex-rs/exec-server/src/posix/mcp.rs`
    -
    https://github.com/openai/codex/blob/main/codex-rs/exec-server/src/posix/mcp.rs#L87-L107
    - Made `run_escalate_server` in `mcp.rs` accept a policy factory instead
    of constructing `McpEscalationPolicy` directly.
    -
    https://github.com/openai/codex/blob/main/codex-rs/exec-server/src/posix/mcp.rs#L178-L201
    - Introduced `McpEscalationPolicyFactory` that stores MCP-only state
    (`RequestContext`, `preserve_program_paths`) and implements the new
    trait.
    -
    https://github.com/openai/codex/blob/main/codex-rs/exec-server/src/posix/mcp.rs#L100-L117
    - Updated `shell()` to pass a `McpEscalationPolicyFactory` instance into
    `run_escalate_server`, so the server remains the MCP-specific wiring
    layer.
    -
    https://github.com/openai/codex/blob/main/codex-rs/exec-server/src/posix/mcp.rs#L163-L170
    
    ## Verification
    - Build and test execution was not re-run in this pass; changes are
    limited to `mcp.rs` and preserve the existing escalation flow semantics
    by only extracting policy construction behind a factory.
    
    
    
    
    ---
    [//]: # (BEGIN SAPLING FOOTER)
    Stack created with [Sapling](https://sapling-scm.com). Best reviewed
    with [ReviewStack](https://reviewstack.dev/openai/codex/pull/12555).
    * #12556
    * __->__ #12555
  • Return image content from view_image (#12553)
    Responses API supports image content
  • test: vendor zsh fork via DotSlash and stabilize zsh-fork tests (#12518)
    ## Why
    
    The zsh integration tests were still brittle in two ways:
    
    - they relied on `CODEX_TEST_ZSH_PATH` / environment-specific setup, so
    they often did not exercise the patched zsh fork that `shell-tool-mcp`
    ships
    - once the tests consistently used the vendored zsh fork, they exposed
    real Linux-specific zsh-fork issues in CI
    
    In particular, the Linux failures were not just test noise:
    
    - the zsh-fork launch path was dropping `ExecRequest.arg0`, so Linux
    `codex-linux-sandbox` arg0 dispatch did not run and zsh wrapper-mode
    could receive malformed arguments
    - the
    `turn_start_shell_zsh_fork_subcommand_decline_marks_parent_declined_v2`
    test uses the zsh exec bridge (which talks to the parent over a Unix
    socket), but Linux restricted sandbox seccomp denies `connect(2)`,
    causing timeouts on `ubuntu-24.04` x86/arm
    
    This PR makes the zsh tests consistently run against the intended
    vendored zsh fork and fixes/hardens the zsh-fork path so the Linux CI
    signal is meaningful.
    
    ## What Changed
    
    - Added a single shared test-only DotSlash file for the patched zsh fork
    at `codex-rs/exec-server/tests/suite/zsh` (analogous to the existing
    `bash` test resource).
    - Updated both app-server and exec-server zsh tests to use that shared
    DotSlash zsh (no duplicate zsh DotSlash file, no `CODEX_TEST_ZSH_PATH`
    dependency).
    - Updated the app-server zsh-fork test helper to resolve the shared
    DotSlash zsh and avoid silently falling back to host zsh.
    - Kept the app-server zsh-fork tests configured via `config.toml`, using
    a test wrapper path where needed to force `zsh -df` (and rewrite `-lc`
    to `-c`) for the subcommand-decline test.
    - Hardened the app-server subcommand-decline zsh-fork test for CI
    variability:
      - tolerate an extra `/responses` POST with a no-op mock response
    - tolerate non-target approval ordering while remaining strict on the
    two `/usr/bin/true` approvals and decline behavior
    - use `DangerFullAccess` on Linux for this one test because it validates
    zsh approval flow, not Linux sandbox socket restrictions
    - Fixed zsh-fork process launching on Linux by preserving `req.arg0` in
    `ZshExecBridge::execute_shell_request(...)` so `codex-linux-sandbox`
    arg0 dispatch continues to work.
    - Moved `maybe_run_zsh_exec_wrapper_mode()` under
    `arg0_dispatch_or_else(...)` in `app-server` and `cli` so wrapper-mode
    handling coexists correctly with arg0-dispatched helper modes.
    - Consolidated duplicated `dotslash -- fetch` resolution logic into
    shared test support (`core/tests/common/lib.rs`).
    - Updated `codex-rs/exec-server/tests/suite/accept_elicitation.rs` to
    use DotSlash zsh and hardened the zsh elicitation test for Bazel/zsh
    differences by:
      - resolving an absolute `git` path
      - running `git init --quiet .`
    - asserting success / `.git` creation instead of relying on banner text
    
    ## Verification
    
    - `cargo test -p codex-app-server turn_start_zsh_fork -- --nocapture`
    - `cargo test -p codex-exec-server accept_elicitation -- --nocapture`
    - `bazel test //codex-rs/exec-server:exec-server-all-test
    --test_output=streamed --test_arg=--nocapture
    --test_arg=accept_elicitation_for_prompt_rule_with_zsh`
    - CI (`rust-ci`) on the final cleaned commit: `Tests — ubuntu-24.04 -
    x86_64-unknown-linux-gnu` and `Tests — ubuntu-24.04-arm -
    aarch64-unknown-linux-gnu` passed in [run
    22291424358](https://github.com/openai/codex/actions/runs/22291424358)
  • Add PR babysitting skill for this repo (#12513)
    ## PR Notes
    
    This PR adds a project-scoped `babysit-pr` skill for ongoing PR
    monitoring (CI, reviews, mergeability).
    
    Simply invoke this skill after creating a PR, and codex will do its best
    to get it to a mergeable state:
    
    ### What the skill does
    * Fixes CI failures related to the PR
    * Retries CI failures due to flaky tests
    * Addresses code review comments if it agrees with them
    * Addresses merge conflicts on main branch
    
    ### How the skill works
    - Polls PR status on a loop (CI checks, workflow runs, review activity,
    mergeability, and review decision).
    - Detects new review feedback (including inline comments and automated
    Codex review comments) and prompts/handles follow-up work.
    - Distinguishes pending vs failed vs passed CI and identifies likely
    flaky failures.
    - Can retry failed checks/workflows when appropriate.
    - Prioritizes actionable code review feedback over flaky CI retries (to
    avoid rerunning CI on a SHA that is about to be replaced).
    - Continues monitoring after fixes are applied and pushed, rather than
    stopping after a progress update.
    - Uses a slower backoff polling cadence once CI is green, while still
    watching for new review feedback or state changes.
    - Treats required review/approval as a blocking condition and keeps
    watching until the PR is actually merge-ready (or merged/closed, or
    human intervention is needed).
    
    ### Intended outcome
    
    Keep the PR moving with minimal manual babysitting by continuously
    watching for CI failures, reviewer feedback, and merge blockers, and
    responding in the right order until the PR is ready to merge.
  • Add C# syntax option to highlight selections (#12511)
    Summary
    - map csharp/c-sharp aliases to the existing C# syntax in the highlight
    matcher
    - ensure the extension list and tests include .cs and the new aliases so
    coverage stays accurate
    
    Testing
    
    <img width="543" height="266" alt="image"
    src="https://github.com/user-attachments/assets/e6c8a42f-649c-4c30-b574-421b4287534c"
    />
  • Sort themes case-insensitively in picker (#12509)
    ## Summary
    - order bundled and custom themes together by name while keeping entries
    stable across platforms
    - update the theme fixture names and tests to assert case-insensitive
    ordering
  • Revert "Revert "Route inbound realtime text into turn start or steer"" (#12480)
    With working tests this time
    
    ---------
    
    Co-authored-by: Codex <noreply@openai.com>
  • feat(tui): support Alt-d delete-forward-word (#12455)
    Alt-d should delete the next word. It didn’t. Now it does. Added a small
    test so it stays that way.
    
    Details:
    File updated:
    [codex-rs/tui/src/bottom_pane/textarea.rs](./codex-rs/tui/src/bottom_pane/textarea.rs)
    Test added: delete_forward_word_alt_d — verifies Alt-d deletes the next
    word and keeps the cursor position correct.
    
    Solves  Issue #12453
  • Handle orphan exec ends without clobbering active exploring cell (#12313)
    Summary
    - distinguish exec end handling targets (active tracking, active orphan
    history, new cell) so unified exec responses don’t clobber unrelated
    exploring cells
    - ensure orphan ends flush existing exploring history when complete,
    insert standalone history entries, and keep active cells correct
    - add regression tests plus a snapshot covering the new behavior and
    expose the ExecCell completion result for verification
    
    Fix for https://github.com/openai/codex/issues/12278
    
    ---------
    
    Co-authored-by: Josh McKinney <joshka@openai.com>
  • Send events to realtime api (#12423)
    - Send assistant messages, ExecCommandBegin, and
    PatchApplyBegin/PatchApplyEnd
  • feat(tui) /clear (#12444)
    # /clear feature! 
    
    /clear will clear your terminal while preserving the context/state of
    the thread.
  • app-server: retain thread listener across disconnects (#12373)
    - keep the per-thread app-server listener alive when the last client
    unsubscribes or disconnects
    - preserve listener-side active turn history so running `thread/resume`
    can merge an in-progress turn snapshot after reconnect
    - add `ThreadStateManager` regressions for disconnect/unsubscribe
    retention and explicit thread teardown cleanup
    
    Added unit tests, and I manually tested to confirm the fix
    
    ---------
    
    Co-authored-by: Codex <noreply@openai.com>
  • feat(tui): syntax highlighting via syntect with theme picker (#11447)
    ## Summary
    
    Adds syntax highlighting to the TUI for fenced code blocks in markdown
    responses and file diffs, plus a `/theme` command with live preview and
    persistent theme selection. Uses syntect (~250 grammars, 32 bundled
    themes, ~1 MB binary cost) — the same engine behind `bat`, `delta`, and
    `xi-editor`. Includes guardrails for large inputs, graceful fallback to
    plain text, and SSH-aware clipboard integration for the `/copy` command.
    
    <img width="1554" height="1014" alt="image"
    src="https://github.com/user-attachments/assets/38737a79-8717-4715-b857-94cf1ba59b85"
    />
    
    <img width="2354" height="1374" alt="image"
    src="https://github.com/user-attachments/assets/25d30a00-c487-4af8-9cb6-63b0695a4be7"
    />
    
    ## Problem
    
    Code blocks in the TUI (markdown responses and file diffs) render
    without syntax highlighting, making it hard to scan code at a glance.
    Users also have no way to pick a color theme that matches their terminal
    aesthetic.
    
    ## Mental model
    
    The highlighting system has three layers:
    
    1. **Syntax engine** (`render::highlight`) -- a thin wrapper around
    syntect + two-face. It owns a process-global `SyntaxSet` (~250 grammars)
    and a `RwLock<Theme>` that can be swapped at runtime. All public entry
    points accept `(code, lang)` and return ratatui `Span`/`Line` vectors or
    `None` when the language is unrecognized or the input exceeds safety
    guardrails.
    
    2. **Rendering consumers** -- `markdown_render` feeds fenced code blocks
    through the engine; `diff_render` highlights Add/Delete content as a
    whole file and Update hunks per-hunk (preserving parser state across
    hunk lines). Both callers fall back to plain unstyled text when the
    engine returns `None`.
    
    3. **Theme lifecycle** -- at startup the config's `tui.theme` is
    resolved to a syntect `Theme` via `set_theme_override`. At runtime the
    `/theme` picker calls `set_syntax_theme` to swap themes live; on cancel
    it restores the snapshot taken at open. On confirm it persists `[tui]
    theme = "..."` to config.toml.
    
    ## Non-goals
    
    - Inline diff highlighting (word-level change detection within a line).
    - Semantic / LSP-backed highlighting.
    - Theme authoring tooling; users supply standard `.tmTheme` files.
    
    ## Tradeoffs
    
    | Decision | Upside | Downside |
    | ------------------------------------------------ |
    ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    |
    -----------------------------------------------------------------------------------------------------------------------
    |
    | syntect over tree-sitter / arborium | ~1 MB binary increase for ~250
    grammars + 32 themes; battle-tested crate powering widely-used tools
    (`bat`, `delta`, `xi-editor`). tree-sitter would add ~12 MB for 20-30
    languages or ~35 MB for full coverage. | Regex-based; less structurally
    accurate than tree-sitter for some languages (e.g. language injections
    like JS-in-HTML). |
    | Global `RwLock<Theme>` | Enables live `/theme` preview without
    threading Theme through every call site | Lock contention risk
    (mitigated: reads vastly outnumber writes, single UI thread) |
    | Skip background / italic / underline from themes | Terminal BG
    preserved, avoids ugly rendering on some themes | Themes that rely on
    these properties lose fidelity |
    | Guardrails: 512 KB / 10k lines | Prevents pathological stalls on huge
    diffs or pastes | Very large files render without color |
    
    ## Architecture
    
    ```
    config.toml  ─[tui.theme]─>  set_theme_override()  ─>  THEME (RwLock)
                                                                  │
                      ┌───────────────────────────────────────────┘
                      │
      markdown_render ─── highlight_code_to_lines(code, lang) ─> Vec<Line>
      diff_render     ─── highlight_code_to_styled_spans(code, lang) ─> Option<Vec<Vec<Span>>>
                      │
                      │   (None ⇒ plain text fallback)
                      │
      /theme picker   ─── set_syntax_theme(theme)    // live preview swap
                      ─── current_syntax_theme()      // snapshot for cancel
                      ─── resolve_theme_by_name(name) // lookup by kebab-case
    ```
    
    Key files:
    
    - `tui/src/render/highlight.rs` -- engine, theme management, guardrails
    - `tui/src/diff_render.rs` -- syntax-aware diff line wrapping
    - `tui/src/theme_picker.rs` -- `/theme` command builder
    - `tui/src/bottom_pane/list_selection_view.rs` -- side content panel,
    callbacks
    - `core/src/config/types.rs` -- `Tui::theme` field
    - `core/src/config/edit.rs` -- `syntax_theme_edit()` helper
    
    ## Observability
    
    - `tracing::warn` when a configured theme name cannot be resolved.
    - `Config::startup_warnings` surfaces the same message as a TUI banner.
    - `tracing::error` when persisting theme selection fails.
    
    ## Tests
    
    - Unit tests in `highlight.rs`: language coverage, fallback behavior,
    CRLF stripping, style conversion, guardrail enforcement, theme name
    mapping exhaustiveness.
    - Unit tests in `diff_render.rs`: snapshot gallery at multiple terminal
    sizes (80x24, 94x35, 120x40), syntax-highlighted wrapping, large-diff
    guardrail, rename-to-different-extension highlighting, parser state
    preservation across hunk lines.
    - Unit tests in `theme_picker.rs`: preview rendering (wide + narrow),
    dim overlay on deletions, subtitle truncation, cancel-restore, fallback
    for unavailable configured theme.
    - Unit tests in `list_selection_view.rs`: side layout geometry, stacked
    fallback, buffer clearing, cancel/selection-changed callbacks.
    - Integration test in `lib.rs`: theme warning uses the final
    (post-resume) config.
    
    ## Cargo Deny: Unmaintained Dependency Exceptions
    
    This PR adds two `cargo deny` advisory exceptions for transitive
    dependencies pulled in by `syntect v5.3.0`:
    
    | Advisory | Crate | Status |
    |----------|-------|--------|
    | RUSTSEC-2024-0320 | `yaml-rust` | Unmaintained (maintainer
    unreachable) |
    | RUSTSEC-2025-0141 | `bincode` | Unmaintained (development ceased;
    v1.3.3 considered complete) |
    
    **Why this is safe in our usage:**
    
    - Neither advisory describes a known security vulnerability. Both are
    "unmaintained" notices only.
    - `bincode` is used by syntect to deserialize pre-compiled syntax sets.
    Again, these are **static vendored artifacts** baked into the binary at
    build time. No user-supplied bincode data is ever deserialized. - Attack
    surface is zero for both crates; exploitation would require a
    supply-chain compromise of our own build artifacts.
    - These exceptions can be removed when syntect migrates to `yaml-rust2`
    and drops `bincode`, or when alternative crates are available upstream.
  • Make shell detection tests
    robust to Nix shell paths (#12476)
    
    ## Summary
    - Updated `codex-rs/core/src/shell.rs` tests for shell detection to stop
    asserting hardcoded shell paths.
    - `detects_bash` and `detects_sh` now assert executable basenames
    (`bash`, `sh`) rather than `/bin/*`/`/usr/bin/*` absolute paths.
    - This keeps behavior the same while avoiding failures in Nix
    environments where shells are resolved from `/nix/store/.../bin`.
    
    ## Testing
    - `nix develop .#default --command sh -lc 'export
    PKG_CONFIG_PATH=/nix/store/6az1q591wwlgazzskngr6rl7gmhpyvnc-libcap-2.77-dev/lib/pkgconfig:/nix/store/fgm3pz8486ksh3f94629lpb7xjr2wjp7-openssl-3.6.0-dev/lib/pkgconfig:$PKG_CONFIG_PATH;
    export PKG_CONFIG_PATH_FOR_TARGET=$PKG_CONFIG_PATH; cd
    /home/alex/workspace/openai/codex/codex-rs && cargo test -p codex-core
    --lib detects_bash && cargo test -p codex-core --lib detects_sh'`
    
    ## Why
    The two failing tests previously hardcoded fixed paths and failed under
    the Nix shell due to Nix-provided shell binary locations.
    
    ## Links
    - Bug report / enhancement request: not publicly filed yet; this was
    reproduced in the local Nix environment.
  • fix: make realtime conversation flake test order-insensitive (#12475)
    ## Why
    
    `codex-core::all` has a flaky test,
    `suite::realtime_conversation::conversation_start_audio_text_close_round_trip`,
    that assumes a fixed ordering between `conversation.item.create` and
    `response.input_audio.delta` requests.
    
    That ordering is not guaranteed: realtime text and audio input are
    forwarded through separate queues and a background task, so either
    request can be observed first while still being correct behavior.
    
    ## What Changed
    
    - Updated the assertion in
    `codex-rs/core/tests/suite/realtime_conversation.rs` to compare the two
    observed request types order-independently.
    - Kept the existing checks that `session.create` is sent first and that
    exactly two follow-up requests are recorded.
    
    ## Verification
    
    - Re-ran `cargo test -p codex-core --test all
    conversation_start_audio_text_close_round_trip` 10 times locally.
  • Route inbound realtime text into turn start or steer (#12469)
    - Route inbound realtime websocket text into normal user input handling
    so it steers an active turn or starts a new one
  • fix(tui): preserve URL clickability across all TUI views (#12067)
    ## Problem
    
    Long URLs containing `/` and `-` characters are split across multiple
    terminal lines by `textwrap`'s default hyphenation rules. This breaks
    terminal link detection: emulators can no longer identify the URL as
    clickable, and copy-paste yields a truncated fragment. The issue affects
    every view that renders user or agent text — exec output, history cells,
    markdown, the app-link setup screen, and the VT100 scrollback path.
    
    A secondary bug compounds the first: `desired_height()` calculations
    count logical lines rather than viewport rows. When a URL overflows its
    line and wraps visually, the height budget is too small, causing content
    to clip or leave gaps.
    
    Here is how the complete URL is interpreted by the terminal before
    (first line only) and after (complete URL):
    
    | Before | After |
    |---|---|
    | <img width="777" height="1002" alt="Screenshot 2026-02-17 at 7 59 11
    PM"
    src="https://github.com/user-attachments/assets/193a89a0-7e56-49c5-8b76-53499a76e7e3"
    /> | <img width="777" height="1002" alt="Screenshot 2026-02-17 at 7 58
    40 PM"
    src="https://github.com/user-attachments/assets/0b9b4c14-aafb-439f-9ffe-f6bba556f95e"
    /> |
    
    ## Mental model
    
    The TUI now treats URL-like tokens as atomic units that must never be
    split by the wrapping engine. Every call site that previously used
    `word_wrap_*` has been migrated to `adaptive_wrap_*`, which inspects
    each line for URL-like tokens and switches wrapping strategy
    accordingly:
    
    - **Non-URL lines** follow the existing `textwrap` path unchanged (word
    boundaries, optional indentation, hyphenation).
    - **URL-only lines** (with at most decorative markers like `│`, `-`,
    `1.`) are emitted unwrapped so terminal link detection works; ratatui's
    `Wrap { trim: false }` handles the final character wrap at render time.
    - **Mixed lines** (URL + substantive non-URL prose) flow through
    `adaptive_wrap_line` so prose wraps naturally at word boundaries while
    URL tokens remain unsplit.
    
    Height measurement everywhere now delegates to
    `Paragraph::line_count(width)`, which accounts for the visual row cost
    of overflowed lines. This single source of truth replaces ad-hoc line
    counting in individual cells.
    
    For terminal scrollback (the VT100 path that prints history when the TUI
    exits), URL-only lines are emitted unwrapped so the terminal's own link
    detector can find them. Mixed URL+prose lines use adaptive wrapping so
    surrounding text wraps naturally. Continuation rows are pre-cleared to
    avoid stale content artifacts.
    
    ## Non-goals
    
    - Full RFC 3986 URL parsing. The detector is a conservative heuristic
    that covers `scheme://host`, bare domains (`example.com/path`),
    `localhost:port`, and IPv4 hosts. IPv6 (`[::1]:8080`) and exotic schemes
    are intentionally excluded from v1.
    - Changing wrapping behavior for non-URL content.
    - Reflowing or reformatting existing terminal scrollback on resize.
    
    ## Tradeoffs
    
    | Decision | Upside | Downside |
    |----------|--------|----------|
    | Heuristic URL detection vs. full parser | Fast, zero-alloc on the hot
    path; conservative enough to reject file paths like `src/main.rs` |
    False negatives on obscure URL formats (they get split as before) |
    | Adaptive (three-path) wrapping | Non-URL lines are untouched — no
    behavior change, no perf cost; mixed lines wrap prose naturally while
    preserving URLs | Three wrapping strategies to reason about when
    debugging layout |
    | Row-based truncation with line-unit ellipsis | Accurate viewport
    budget; stable "N lines omitted" count across terminal widths |
    `truncate_lines_middle` is more complex (must compute per-line row cost)
    |
    | Unwrapped URL-only lines in scrollback | Terminal emulators detect
    clickable links; copy-paste gets the full URL | TUI and scrollback
    formatting diverge for URL-only lines |
    | Default `desired_height` via `Paragraph::line_count` | DRY — most
    cells inherit correct measurement | Cells with custom layout must
    remember to override |
    
    ## Architecture
    
    ```mermaid
    flowchart TD
        A["adaptive_wrap_*()"] --> B{"line_contains_url_like?"}
        B -- No URL tokens --> C["word_wrap_line<br/>(textwrap default)"]
        B -- Has URL tokens --> D{"mixed URL + prose?"}
        D -- "URL-only<br/>(+ decorative markers)" --> E["emit unwrapped<br/>(terminal char-wraps)"]
        D -- "Mixed<br/>(URL + substantive text)" --> F["adaptive_wrap_line<br/>(AsciiSpace + custom WordSplitter)"]
        C --> G["Paragraph::line_count(w)<br/>(single height truth)"]
        E --> G
        F --> G
    ```
    
    **Changed files:**
    
    | File | Role |
    |------|------|
    | `wrapping.rs` | URL detection heuristics, mixed-line detection,
    `adaptive_wrap_*` functions, custom `WordSplitter` |
    | `exec_cell/render.rs` | Row-aware `truncate_lines_middle`, adaptive
    wrapping for command/output display |
    | `history_cell.rs` | Migrate all cell types to `adaptive_wrap_*`;
    default `desired_height` via `Paragraph::line_count` |
    | `insert_history.rs` | Three-path scrollback wrapping (unwrapped
    URL-only, adaptive mixed, word-wrapped text); continuation row clearing
    |
    | `app_link_view.rs` | Adaptive wrapping for setup URL; `desired_height`
    via `Paragraph::line_count` |
    | `markdown_render.rs` | Adaptive wrapping in `finish_paragraph` |
    | `model_migration.rs` | Viewport-aware wrapping for narrow-pane
    markdown |
    | `pager_overlay.rs` | `Wrap { trim: false }` for transcript and
    streaming chunks |
    | `queued_user_messages.rs` | Migrate to `adaptive_wrap_lines` |
    | `status/card.rs` | Migrate to `adaptive_wrap_lines` |
    
    ## Observability
    
    - **Ellipsis message** in truncated exec output reports omitted count in
    logical lines (stable across resize) rather than viewport rows
    (fluctuates).
    - URL detection is deterministic and stateless — no hidden caching or
    memoization to go stale.
    - Height mismatch bugs surface immediately as visual clipping or gaps;
    the `Paragraph::line_count` path is the same code ratatui uses at render
    time, so measurement and rendering cannot diverge.
    
    ## Tests
    
    26 new unit tests across 7 files, covering:
    
    - **URL integrity**: assert a URL-like token appears on exactly one
    rendered line (not split across two).
    - **Height accuracy**: compare `desired_height()` against
    `Paragraph::line_count()` for URL-containing content.
    - **Row-aware truncation**: verify ellipsis counts logical lines and
    output fits within the row budget.
    - **Scrollback rendering**: VT100 backend tests confirm prefix and URL
    land on the same row; continuation rows are cleared; mixed URL+prose
    lines wrap prose while preserving URL tokens.
    - **Mixed URL+prose detection**: `line_has_mixed_url_and_non_url_tokens`
    correctly distinguishes lines with substantive non-URL text from lines
    with only decorative markers alongside a URL.
    - **Heuristic correctness**: positive matches (`https://...`,
    `example.com/path`, `localhost:3000/api`, `192.168.1.1:8080/health`) and
    negative matches (`src/main.rs`, `foo/bar`, `hello-world`).
    
    ## Risks and open items
    
    1. **URL-like tokens in code output** (e.g. `example.com/api` inside a
    JSON blob) will trigger URL-preserving wrap on that line. This is
    acceptable — the worst case is a slightly wider line, not broken output.
    2. **Very long non-URL tokens on a URL line** can only break at
    character boundaries (the custom splitter emits all char indices for
    non-URL words). On extremely narrow terminals this could overflow, but
    narrow terminals already degrade gracefully.
    3. **No IPv6 support** — `[::1]:8080/path` will be treated as a non-URL
    and may get split. Can be added later without API changes.
    
    Fixes #5457
  • Improve token usage estimate for images (#12419)
    Fixes #11845.
    
    Adjust context/token estimation for inline image `data:*;base64,...`
    URLs so we
    do not count the raw base64 payload as model-visible text.
    
    What changed:
    - keep the existing JSON-length estimator as the baseline
    - detect only inline base64 `data:` image URLs in message and
    function-call
      output content items
    - subtract only the base64 payload bytes (preserving data URL prefix +
    JSON
      overhead)
    - add a fixed per-image estimate of 340 bytes (~85 tokens at the repo’s
      4-bytes/token heuristic)
    
    This avoids large overestimates from MCP image tool outputs while
    leaving normal
    image URLs (`https://`, `file://`, non-base64 `data:` URLs) unchanged.
    
    Tests:
    - message image data URL estimate regression
    - function-call output image data URL estimate regression
    - non-base64 image URLs unchanged
    - non-base64 `data:` URLs unchanged
    - `data:application/octet-stream;base64,...` adjusted
    - multiple inline images apply multiple fixed costs
    - text-only items unchanged
  • Prefer v2 websockets if available (#12428)
    And also cleanup settings flow to avoid reading many separate flags.
    
    ---------
    
    Co-authored-by: Codex <noreply@openai.com>