Commit Graph

3 Commits

  • feat: wire extension tool bundles into core (#22147)
    ## Why
    
    This is the next narrow step toward moving concrete tool families out of
    core. After #22138 introduced `codex-tool-api`, we still needed a real
    end-to-end seam that lets an extension own an executable tool definition
    once and have core install it without the temporary `extension-api`
    wrapper or a dependency on `codex-tools`.
    
    `codex-tool-api` is the small extension-facing execution contract, while
    `codex-tools` still has a different job: host-side shared tool metadata
    and planning logic that is not “run this contributed tool”, like spec
    shaping, namespaces, discovery, code-mode augmentation, and
    MCP/dynamic-to-Responses API conversion
    
    ## What changed
    
    - Moved the shared leaf tool-spec and JSON Schema types into
    `codex-tool-api`, so the executable contract now lives with
    [`ToolBundle`](https://github.com/openai/codex/blob/c538758095337d4fe0a52a172363ccede4066bda/codex-rs/tool-api/src/bundle.rs#L19-L70).
    - Replaced the temporary extension-side tool wrapper with direct
    `ToolBundle` use in `codex-extension-api`.
    - Taught core to collect contributed bundles, include them in spec
    planning, register them through
    [`ToolRegistryBuilder::register_tool_bundle`](https://github.com/openai/codex/blob/c538758095337d4fe0a52a172363ccede4066bda/codex-rs/core/src/tools/registry.rs#L653-L667),
    and dispatch them through the existing router/runtime path.
    - Added focused coverage for contributed tools becoming model-visible
    and dispatchable, plus spec-planning coverage for contributed function
    and freeform tools.
    
    ## Verification
    
    - Added `extension_tool_bundles_are_model_visible_and_dispatchable` in
    `core/src/tools/router_tests.rs`.
    - Added spec-plan coverage in `core/src/tools/spec_plan_tests.rs` for
    contributed extension bundles.
    
    ## Related
    
    - Follow-up to #22138
  • [codex] default unknown contributed tools to mutating (#22143)
    ## Summary
    - make the shared `ToolExecutor::is_mutating` default conservative by
    returning `true`
    - update the trait docs to say read-only tools should opt out explicitly
    - add a regression test covering the default behavior
    
    ## Why
    Hosts use this signal for serialization and approval policy. Treating
    unknown contributed tools as read-only lets a write-capable tool
    accidentally bypass mutating-tool safeguards if it forgets to override
    the hook.
    
    ## Validation
    - not run, per request
  • refactor: extract executable tool contracts into codex-tool-api (#22138)
    ## Why
    The tool-extraction work needs one shared executable-tool seam that
    hosts and tool owners can depend on without reaching into `codex-core`.
    Landing that seam first makes the later tool-family ports incremental
    and keeps the reusable contract separate from any one migration.
    
    ## What changed
    - add a new `codex-tool-api` crate and workspace wiring
    - move the common executable-tool contracts into that crate:
    `ToolBundle`, `ToolDefinition`, `ToolExecutor`, `ToolCall`, `ToolInput`,
    `ToolOutput`, `JsonToolOutput`, and `ToolError`
    - keep host state generic through `ToolBundle<C>` / `ToolCall<C>` so
    later integrations can provide their own runtime context without baking
    core types into the API
    - carry the host signals the runtime will need later, including
    parallel-call support and mutability probing
    - leave existing tool families in place for now; this PR only
    establishes the reusable API surface
    - add the Bazel target and lockfile updates for the new crate
    
    ## Testing
    - `cargo test -p codex-tool-api`