Commit Graph

1111 Commits

  • feat: tweak windows sandbox strings (#6875)
    New strings:
    1. Approval mode picker just says "Select Approval Mode"
    1. Updated "Auto" to "Agent"
    1. When you select "Agent", you get "Agent mode on Windows uses an
    experimental sandbox to limit network and filesystem access. [Learn
    more]"
    1. Updated world-writable warning to "The Windows sandbox cannot protect
    writes to folders that are writable by Everyone. Consider removing write
    access for Everyone from the following folders: {folders}"
    
    ---------
    
    Co-authored-by: iceweasel-oai <iceweasel@openai.com>
  • fix: add more fields to ThreadStartResponse and ThreadResumeResponse (#6847)
    This adds the following fields to `ThreadStartResponse` and
    `ThreadResumeResponse`:
    
    ```rust
        pub model: String,
        pub model_provider: String,
        pub cwd: PathBuf,
        pub approval_policy: AskForApproval,
        pub sandbox: SandboxPolicy,
        pub reasoning_effort: Option<ReasoningEffort>,
    ```
    
    This is important because these fields are optional in
    `ThreadStartParams` and `ThreadResumeParams`, so the caller needs to be
    able to determine what values were ultimately used to start/resume the
    conversation. (Though note that any of these could be changed later
    between turns in the conversation.)
    
    Though to get this information reliably, it must be read from the
    internal `SessionConfiguredEvent` that is created in response to the
    start of a conversation. Because `SessionConfiguredEvent` (as defined in
    `codex-rs/protocol/src/protocol.rs`) did not have all of these fields, a
    number of them had to be added as part of this PR.
    
    Because `SessionConfiguredEvent` is referenced in many tests, test
    instances of `SessionConfiguredEvent` had to be updated, as well, which
    is why this PR touches so many files.
  • tui: add branch to 'codex resume', filter by cwd (#6232)
    By default, show only sessions that shared a cwd with the current cwd.
    `--all` shows all sessions in all cwds. Also, show the branch name from
    the rollout metadata.
    
    <img width="1091" height="638" alt="Screenshot 2025-11-04 at 3 30 47 PM"
    src="https://github.com/user-attachments/assets/aae90308-6115-455f-aff7-22da5f1d9681"
    />
  • Fix tests so they don't emit an extraneous config.toml in the source tree (#6853)
    This PR fixes the `release_event_does_not_change_selection` test so it
    doesn't cause an extra `config.toml` to be emitted in the sources when
    running the tests locally. Prior to this fix, I needed to delete this
    file every time I ran the tests to prevent it from showing up as an
    uncommitted source file.
  • Prompt to turn on windows sandbox when auto mode selected. (#6618)
    - stop prompting users to install WSL 
    - prompt users to turn on Windows sandbox when auto mode requested.
    
    <img width="1660" height="195" alt="Screenshot 2025-11-17 110612"
    src="https://github.com/user-attachments/assets/c67fc239-a227-417e-94bb-599a8ed8f11e"
    />
    <img width="1684" height="168" alt="Screenshot 2025-11-17 110637"
    src="https://github.com/user-attachments/assets/d18c3370-830d-4971-8746-04757ae2f709"
    />
    <img width="1655" height="293" alt="Screenshot 2025-11-17 110719"
    src="https://github.com/user-attachments/assets/d21f6ce9-c23e-4842-baf6-8938b77c16db"
    />
  • fix(windows) shell_command on windows, minor parsing (#6811)
    ## Summary
    Enables shell_command for windows users, and starts adding some basic
    command parsing here, to at least remove powershell prefixes. We'll
    follow this up with command parsing but I wanted to land this change
    separately with some basic UX.
    
    **NOTE**: This implementation parses bash and powershell on both
    platforms. In theory this is possible, since you can use git bash on
    windows or powershell on linux. In practice, this may not be worth the
    complexity of supporting, so I don't feel strongly about the current
    approach vs. platform-specific branching.
    
    ## Testing
    - [x] Added a bunch of tests 
    - [x] Ran on both windows and os x
  • Update defaults to gpt-5.1 (#6652)
    ## Summary
    - update documentation, example configs, and automation defaults to
    reference gpt-5.1 / gpt-5.1-codex
    - bump the CLI and core configuration defaults, model presets, and error
    messaging to the new models while keeping the model-family/tool coverage
    for legacy slugs
    - refresh tests, fixtures, and TUI snapshots so they expect the upgraded
    defaults
    
    ## Testing
    - `cargo test -p codex-core
    config::tests::test_precedence_fixture_with_gpt5_profile`
    
    
    ------
    [Codex
    Task](https://chatgpt.com/codex/tasks/task_i_6916c5b3c2b08321ace04ee38604fc6b)
  • [app-server] feat: add v2 command execution approval flow (#6758)
    This PR adds the API V2 version of the command‑execution approval flow
    for the shell tool.
    
    This PR wires the new RPC (`item/commandExecution/requestApproval`, V2
    only) and related events (`item/started`, `item/completed`, and
    `item/commandExecution/delta`, which are emitted in both V1 and V2)
    through the app-server
    protocol. The new approval RPC is only sent when the user initiates a
    turn with the new `turn/start` API so we don't break backwards
    compatibility with VSCE.
    
    The approach I took was to make as few changes to the Codex core as
    possible, leveraging existing `EventMsg` core events, and translating
    those in app-server. I did have to add additional fields to
    `EventMsg::ExecCommandEndEvent` to capture the command's input so that
    app-server can statelessly transform these events to a
    `ThreadItem::CommandExecution` item for the `item/completed` event.
    
    Once we stabilize the API and it's complete enough for our partners, we
    can work on migrating the core to be aware of command execution items as
    a first-class concept.
    
    **Note**: We'll need followup work to make sure these APIs work for the
    unified exec tool, but will wait til that's stable and landed before
    doing a pass on app-server.
    
    Example payloads below:
    ```
    {
      "method": "item/started",
      "params": {
        "item": {
          "aggregatedOutput": null,
          "command": "/bin/zsh -lc 'touch /tmp/should-trigger-approval'",
          "cwd": "/Users/owen/repos/codex/codex-rs",
          "durationMs": null,
          "exitCode": null,
          "id": "call_lNWWsbXl1e47qNaYjFRs0dyU",
          "parsedCmd": [
            {
              "cmd": "touch /tmp/should-trigger-approval",
              "type": "unknown"
            }
          ],
          "status": "inProgress",
          "type": "commandExecution"
        }
      }
    }
    ```
    
    ```
    {
      "id": 0,
      "method": "item/commandExecution/requestApproval",
      "params": {
        "itemId": "call_lNWWsbXl1e47qNaYjFRs0dyU",
        "parsedCmd": [
          {
            "cmd": "touch /tmp/should-trigger-approval",
            "type": "unknown"
          }
        ],
        "reason": "Need to create file in /tmp which is outside workspace sandbox",
        "risk": null,
        "threadId": "019a93e8-0a52-7fe3-9808-b6bc40c0989a",
        "turnId": "1"
      }
    }
    ```
    
    ```
    {
      "id": 0,
      "result": {
        "acceptSettings": {
          "forSession": false
        },
        "decision": "accept"
      }
    }
    ```
    
    ```
    {
      "params": {
        "item": {
          "aggregatedOutput": null,
          "command": "/bin/zsh -lc 'touch /tmp/should-trigger-approval'",
          "cwd": "/Users/owen/repos/codex/codex-rs",
          "durationMs": 224,
          "exitCode": 0,
          "id": "call_lNWWsbXl1e47qNaYjFRs0dyU",
          "parsedCmd": [
            {
              "cmd": "touch /tmp/should-trigger-approval",
              "type": "unknown"
            }
          ],
          "status": "completed",
          "type": "commandExecution"
        }
      }
    }
    ```
  • background rate limits fetch (#6789)
    fetching rate limits every minute asynchronously
  • Fix TUI issues with Alt-Gr on Windows (#6799)
    This PR fixes keyboard handling for the Right Alt (aka "Alt-Gr") key on
    Windows. This key appears on keyboards in Central and Eastern Europe.
    Codex has effectively never worked for Windows users in these regions
    because the code didn't properly handle this key, which is used for
    typing common symbols like `\` and `@`.
    
    A few days ago, I merged a [community-authored
    PR](https://github.com/openai/codex/pull/6720) that supplied a partial
    fix for this issue. Upon closer inspect, that PR was 1) too broad (not
    scoped to Windows only) and 2) incomplete (didn't fix all relevant code
    paths, so paste was still broken).
    
    This improvement is based on another [community-provided
    PR](https://github.com/openai/codex/pull/3241) by @marektomas-cz. He
    submitted it back in September and later closed it because it didn't
    receive any attention.
    
    This fix addresses the following bugs: #5922, #3046, #3092, #3519,
    #5684, #5843.
  • LM Studio OSS Support (#2312)
    ## Overview
    
    Adds LM Studio OSS support. Closes #1883
    
    
    ### Changes
    This PR enhances the behavior of `--oss` flag to support LM Studio as a
    provider. Additionally, it introduces a new flag`--local-provider` which
    can take in `lmstudio` or `ollama` as values if the user wants to
    explicitly choose which one to use.
    
    If no provider is specified `codex --oss` will auto-select the provider
    based on whichever is running.
    
    #### Additional enhancements 
    The default can be set using `oss-provider` in config like:
    
    ```
    oss_provider = "lmstudio"
    ```
    
    For non-interactive users, they will need to either provide the provider
    as an arg or have it in their `config.toml`
    
    ### Notes
    For best performance, [set the default context
    length](https://lmstudio.ai/docs/app/advanced/per-model) for gpt-oss to
    the maximum your machine can support
    
    ---------
    
    Co-authored-by: Matt Clayton <matt@lmstudio.ai>
    Co-authored-by: Eric Traut <etraut@openai.com>
  • core/tui: non-blocking MCP startup (#6334)
    This makes MCP startup not block TUI startup. Messages sent while MCPs
    are booting will be queued.
    
    
    https://github.com/user-attachments/assets/96e1d234-5d8f-4932-a935-a675d35c05e0
    
    
    Fixes #6317
    
    ---------
    
    Co-authored-by: pakrym-oai <pakrym@openai.com>
  • chore: delete chatwidget::tests::binary_size_transcript_snapshot tui test (#6759)
    We're running into quite a bit of drag maintaining this test, since
    every time we add fields to an EventMsg that happened to be dumped into
    the `binary-size-log.jsonl` fixture, this test starts to fail. The fix
    is usually to either manually update the `binary-size-log.jsonl` fixture
    file, or update the `upgrade_event_payload_for_tests` function to map
    the data in that file into something workable.
    
    Eason says it's fine to delete this test, so let's just delete it
  • Fix AltGr/backslash input on Windows Codex terminal (#6720)
    ### Summary
    
    - Treat AltGr chords (Ctrl+Alt) as literal character input in the Codex
    TUI textarea so Windows terminals that report
        backslash and other characters via AltGr insert correctly.
    - Add regression test altgr_ctrl_alt_char_inserts_literal to ensure
    Ctrl+Alt char events append the character and
        advance the cursor.
    
     ### Motivation
    
    On US/UK keyboard layouts, backslash is produced by a plain key, so
    Ctrl+Alt handling is never exercised and the
    bug isn’t visible. On many non‑US layouts (e.g., German), backslash and
    other symbols require AltGr, which terminals
    report as Ctrl+Alt+<char>. Our textarea previously filtered these chords
    like navigation bindings, so AltGr input was
    dropped on affected layouts. This change treats AltGr chords as literal
    input so backslash and similar symbols work on
      Windows terminals.
    
    This fixes multiple reported Issues where the \ symbol got cut off.
    Like:
    C:\Users\Admin
    became
    C:UsersAdmin
    
    Co-authored-by: Eric Traut <etraut@openai.com>
  • Handle "Don't Trust" directory selection in onboarding (#4941)
    Fixes #4940
    Fixes #4892
    
    When selecting "No, ask me to approve edits and commands" during
    onboarding, the code wasn't applying the correct approval policy,
    causing Codex to block all write operations instead of requesting
    approval.
    
    This PR fixes the issue by persisting the "DontTrust" decision in
    config.toml as `trust_level = "untrusted"` and handling it in the
    sandbox and approval policy logic, so Codex correctly asks for approval
    before making changes.
    
    ## Before (bug)
    <img width="709" height="500" alt="bef"
    src="https://github.com/user-attachments/assets/5aced26d-d810-4754-879a-89d9e4e0073b"
    />
    
    ## After (fixed)
    <img width="713" height="359" alt="aft"
    src="https://github.com/user-attachments/assets/9887bbcb-a9a5-4e54-8e76-9125a782226b"
    />
    
    ---------
    
    Co-authored-by: Eric Traut <etraut@openai.com>
  • feat: better UI for unified_exec (#6515)
    <img width="376" height="132" alt="Screenshot 2025-11-12 at 17 36 22"
    src="https://github.com/user-attachments/assets/ce693f0d-5ca0-462e-b170-c20811dcc8d5"
    />
  • [app-server] small fixes for JSON schema export and one-of types (#6614)
    A partner is consuming our generated JSON schema bundle for app-server
    and identified a few issues:
    - not all polymorphic / one-of types have a type descriminator
    - `"$ref": "#/definitions/v2/SandboxPolicy"` is missing
    - "Option<>" is an invalid schema name, and also unnecessary
    
    This PR:
    - adds the type descriminator to the various types that are missing it
    except for `SessionSource` and `SubAgentSource` because they are
    serialized to disk (adding this would break backwards compat for
    resume), and they should not be necessary to consume for an integration
    with app-server.
    - removes the special handling in `export.rs` of various types like
    SandboxPolicy, which turned out to be unnecessary and incorrect
    - filters out `Option<>` which was auto-generated for request params
    that don't need a body
    
    For context, we currently pull in wayyy more types than we need through
    the `EventMsg` god object which we are **not** planning to expose in API
    v2 (this is how I suspect `SessionSource` and `SubAgentSource` are being
    pulled in). But until we have all the necessary v2 notifications in
    place that will allow us to remove `EventMsg`, we will keep exporting it
    for now.
  • fix model picker wrapping (#6589)
    Previously the popup measured rows using the full content width while
    the renderer drew them with 2 columns of padding, so at certain widths
    the layout allocated too little vertical space and hid the third option.
    Now both desired_height and render call a shared helper that subtracts
    the padding before measuring, so the height we reserve always matches
    what we draw and the menu doesn't drops entries.
    
    
    https://github.com/user-attachments/assets/59058fd9-1e34-4325-b5fe-fc888dfcb6bc
  • Reasoning level update (#6586)
    Automatically update reasoning levels when migrating between models
  • Change model picker to include gpt5.1 (#6569)
    - Change the presets
    - Change the tests that make sure we keep the list of tools updated
    - Filter out deprecated models
  • NUX for gpt5.1 (#6561)
    - Introducing a screen to inform users of model changes. 
    - Config name is being passed to be able to reuse this component in the
    future for future models
  • Fixed status output to use auth information from AuthManager (#6529)
    This PR addresses https://github.com/openai/codex/issues/6360. The root
    problem is that the TUI was directly loading the `auth.json` file to
    access the auth information. It should instead be using the AuthManager,
    which records the current auth information. The `auth.json` file can be
    overwritten at any time by other instances of the CLI or extension, so
    its information can be out of sync with the current instance. The
    `/status` command should always report the auth information associated
    with the current instance.
    
    An alternative fix for this bug was submitted by @chojs23 in [this
    PR](https://github.com/openai/codex/pull/6495). That approach was only a
    partial fix.
  • Update full-auto description with on-request (#6523)
    This PR fixes #6522 by correcting the comment for `full-auto` in both
    `codex-rs/exec/src/cli.rs` and `codex-rs/tui/src/cli.rs` from `-a
    on-failure` to `-a on-request` to make it coherent with
    `codex-rs/tui/src/lib.rs:97-105`:
    
    ```rust
    pub async fn run_main(
        mut cli: Cli,
        codex_linux_sandbox_exe: Option<PathBuf>,
    ) -> std::io::Result<AppExitInfo> {
        let (sandbox_mode, approval_policy) = if cli.full_auto {
            (
                Some(SandboxMode::WorkspaceWrite),
                Some(AskForApproval::OnRequest),
            )
    ```
    
    Running `just codex --help` or `just codex exec --help` should now yield
    the correct description of `full-auto` CLI argument.
    
    Signed-off-by: lionelchg <lionel.cheng@hotmail.fr>
  • Colocate more of bash parsing (#6489)
    Move a few callsites that were detecting `bash -lc` into a shared
    helper.
  • flip rate limit status bar (#6482)
    flipping rate limit status bar to match chat.com/codex/settings/usage
    
    <img width="848" height="420" alt="Screenshot 2025-11-10 at 4 53 41 PM"
    src="https://github.com/user-attachments/assets/e326db3f-4405-412d-9e62-337282ec9a35"
    />
  • refactor(tui): job-control for Ctrl-Z handling (#6477)
    - Moved the unix-only suspend/resume logic into a dedicated job_control
    module housing SuspendContext, replacing scattered cfg-gated fields and
    helpers in tui.rs.
    - Tui now holds a single suspend_context (Arc-backed) instead of
    multiple atomics, and the event stream uses it directly for Ctrl-Z
    handling.
    - Added detailed docs around the suspend/resume flow, cursor tracking,
    and the Arc/atomic ownership model for the 'static event stream.
    - Renamed the process-level SIGTSTP helper to suspend_process and the
    cursor tracker to set_cursor_y to better reflect their roles.
  • Fix wayland image paste error (#4824)
    ## Summary
    - log and surface clipboard failures instead of silently ignoring them
    when `Ctrl+V` pastes an image (`paste_image_to_temp_png()` now feeds an
    error history cell)
    - enable `arboard`’s `wayland-data-control` feature so native Wayland
    sessions can deliver image data without XWayland
    - keep the success path unchanged: valid images still attach and show
    the `[image …]` placeholder as before
    
    Fixes #4818
    
    ---------
    
    Co-authored-by: Eric Traut <etraut@openai.com>
    Co-authored-by: Jeremy Rose <172423086+nornagon-openai@users.noreply.github.com>
  • Add user command event types (#6246)
    adding new user command event, logic in TUI to render user command
    events
  • Add opt-out for rate limit model nudge (#6433)
    ## Summary
    - add a `hide_rate_limit_model_nudge` notice flag plus config edit
    plumbing so the rate limit reminder preference is persisted and
    documented
    - extend the chat widget prompt with a "never show again" option, and
    wire new app events so selecting it hides future nudges immediately and
    writes the config
    - add unit coverage and refresh the snapshot for the three-option prompt
    
    ## Testing
    - `just fmt`
    - `just fix -p codex-tui`
    - `just fix -p codex-core`
    - `cargo test -p codex-tui`
    - `cargo test -p codex-core` *(fails at
    `exec::tests::kill_child_process_group_kills_grandchildren_on_timeout`:
    grandchild process still alive)*
    
    ------
    [Codex
    Task](https://chatgpt.com/codex/tasks/task_i_6910d7f407748321b2661fc355416994)
  • Support exiting from the login menu (#6419)
    I recently fixed a bug in [this
    PR](https://github.com/openai/codex/pull/6285) that prevented Ctrl+C
    from dismissing the login menu in the TUI and leaving the user unauthed.
    
    A [user pointed out](https://github.com/openai/codex/issues/6418) that
    this makes Ctrl+C can no longer be used to exit the app. This PR changes
    the behavior so we exit the app rather than ignoring the Ctrl+C.
  • Fix warning message phrasing (#6446)
    Small fix for sentence phrasing in the warning message
    
    Co-authored-by: AndrewNikolin <877163+AndrewNikolin@users.noreply.github.com>
  • more world-writable warning improvements (#6389)
    3 improvements:
    1. show up to 3 actual paths that are world-writable
    2. do the scan/warning for Read-Only mode too, because it also applies
    there
    3. remove the "Cancel" option since it doesn't always apply (like on
    startup)
  • feat(tui): Display keyboard shortcuts inline for approval options (#5889)
    Shows single-key shortcuts (y, a, n) next to approval options to make
    them more discoverable. Previously these shortcuts worked but were
    hidden, making the feature hard to discover.
    
    Changes:
    - "Yes, proceed" now shows "y" shortcut
    - "Yes, and don't ask again" now shows "a" shortcut
    - "No, and tell Codex..." continues to show "esc" shortcut
    
    This improves UX by surfacing the quick keyboard shortcuts that were
    already functional but undiscoverable in the UI.
    
    ---
    
    Update:
    
    added parentheses for better visual clarity 
    <img width="1540" height="486" alt="CleanShot 2025-11-05 at 11 47 07@2x"
    src="https://github.com/user-attachments/assets/f951c34a-9ec8-4b81-b151-7b2ccba94658"
    />
    
    ---------
    
    Co-authored-by: Claude <noreply@anthropic.com>
    Co-authored-by: Eric Traut <etraut@openai.com>
  • Improve world-writable scan (#6381)
    1. scan many more directories since it's much faster than the original
    implementation
    2. limit overall scan time to 2s
    3. skip some directories that are noisy - ApplicationData, Installer,
    etc.
  • refactor(terminal): cleanup deprecated flush logic (#6373)
    Removes flush logic that was leftover to test against ratatui's flush
    Cleaned up the flush logic so it's a bit more intent revealing.
    DrawCommand now owns the Cells that it draws as this works around a
    borrow checker problem.
  • feat: Enable CTRL-n and CTRL-p for navigating slash commands, files, history (#1994)
    Adds CTRL-n and CTRL-p navigation for slash commands, files, and
    history.
    Closes #1992
    
    Co-authored-by: Eric Traut <etraut@openai.com>
  • tui: fix backtracking past /status (#6335)
    Fixes https://github.com/openai/codex/issues/4722
    
    Supersedes https://github.com/openai/codex/pull/5058
    
    Ideally we'd have a clearer way of separating history per-session than
    by detecting a specific history cell type, but this is a fairly minimal
    fix for now.
  • Windows Sandbox: Show Everyone-writable directory warning (#6283)
    Show a warning when Auto Sandbox mode becomes enabled, if we detect
    Everyone-writable directories, since they cannot be protected by the
    current implementation of the Sandbox.
    
    This PR also includes changes to how we detect Everyone-writable to be
    *much* faster
  • chore: rename for clarity (#6319)
    Co-authored-by: Ahmed Ibrahim <aibrahim@openai.com>
  • Prevent dismissal of login menu in TUI (#6285)
    We currently allow the user to dismiss the login menu via Ctrl+C. This
    leaves them in a bad state where they're not auth'ed but have an input
    prompt. In the extension, this isn't a problem because we don't allow
    the user to dismiss the login screen.
    
    Testing: I confirmed that Ctrl+C no longer dismisses the login menu.
    
    This is an alternative (simpler) fix for a [community
    PR](https://github.com/openai/codex/pull/3234).