Upstream merge: openai/codex@main into main #173
Merged
## Summary

Splitting out this smaller fix from openai#2694

- fixes the sandbox permissions so Chat / read-only mode tool definition matches expectations

## Testing

- [x] Tested locally

<img width="1271" height="629" alt="Screenshot 2025-09-15 at 2 51 19 PM" src="https://github.com/user-attachments/assets/fcb247e4-30b6-4199-80d7-a2876d79ad7d" />
…n

- keep ours for codex-rs/tui/** and core/openai_tools.rs to preserve UX, tool gating, and invariants
- adopt upstream elsewhere; no net changes this window
- verify.sh + ./build-fast.sh passed (zero warnings)
Make the section linkable.
Let's record the search items because they are part of the history.
## Summary

SendUserTurn has not been correctly handling updates to policies. While the tui protocol handles this in `Op::OverrideTurnContext`, the SendUserTurn should be appending `EnvironmentContext` messages when the sandbox settings change. MCP client behavior should match the cli behavior, so we update `SendUserTurn` message to match.

## Testing

- [x] Added prompt caching tests
…ork invariants

- Policy: prefer ours in TUI/core tool wiring and docs; prefer theirs in common/exec/file-search.
- Verification: scripts/upstream-merge/verify.sh OK; build-fast OK (no warnings).
…d policy

- Keep forked core execution codex.rs to preserve browser/agent gating, screenshot UX, and UA/version semantics
- Adopt upstream updates in common/exec/tests; fix env context TurnContext import and dead-code warning
- Verify: scripts/upstream-merge/verify.sh OK; build-fast OK (no warnings)
1. Adds the environment prompt (including cwd) to review thread
2. Prepends the review prompt as a user message (temporary fix so the instructions are not replaced on backend)
3. Sets reasoning to low
4. Sets default review model to `gpt-5-codex`
…rk invariants in core

- Prefer ours in protected areas (tui/**, core codex.rs/openai_tools.rs, agent_tool.rs, default_client.rs, protocol models alias)
- Prefer theirs for common/exec/file-search; adopt general upstream updates elsewhere
- Resolve core conflicts: keep our codex.rs flow; unify lib.rs re-exports (keep models alias; include REVIEW_PROMPT)
- Enforce purge policy (no .github/codex-cli-* images)
- Verify guards + build-fast: OK (zero warnings)
<img width="1205" height="930" alt="Screenshot 2025-09-16 at 2 23 18 PM" src="https://github.com/user-attachments/assets/bb2494f1-dd59-4bc9-9c4e-740605c999fd" />
…et)

- Keep ours for TUI conflicts (chatwidget, history_cell, markdown_stream); preserve wrapping.rs deletion
- Adopt upstream elsewhere per policy
- verify.sh + build-fast.sh: pass (no warnings)

Docs: update auto/MERGE_PLAN.md and auto/MERGE_REPORT.md
Proposal: We want to record a dev message like so:
```
{
"type": "message",
"role": "user",
"content": [
{
"type": "input_text",
"text": "<user_action>
<context>User initiated a review task. Here's the full review output from reviewer model. User may select one or more comments to resolve.</context>
<action>review</action>
<results>
{findings_str}
</results>
</user_action>"
}
]
},
```
Without showing in the chat transcript.
Rough idea, but it fixes issue where the user finishes a review thread,
and asks the parent "fix the rest of the review issues" thinking that
the parent knows about it.
### Question: Why not a tool call?
Because the agent didn't make the call, it was a human. + we haven't
implemented sub-agents yet, and we'll need to think about the way we
represent these human-led tool calls for the agent.
…invariants; fix protocol imports (build-fast OK)
- Keep ours for and workflows; drop upstream per policy.
- Adopt upstream docs changes; simplify npm publish notes.
- Fix build: re-export Review* types in to align tests and new review features.
- Verify: scripts/upstream-merge/verify.sh OK; ./build-fast.sh passes with zero warnings.
…eep ours for workflows per policy (.github/workflows/**)
- Verified with scripts/upstream-merge/verify.sh: build_fast=ok, api_check=ok, guards=ok
- Warnings: none (build-fast zero-warning policy)

Artifacts: .github/auto/MERGE_PLAN.md, .github/auto/MERGE_REPORT.md
) The build for `v0.37.0-alpha.3` failed on the `Create GitHub Release` step:

https://github.com/openai/codex/actions/runs/17786866086/job/50556513221

with:

```
⚠️ GitHub release failed with status: 403
{"message":"Resource not accessible by integration","documentation_url":"https://docs.github.com/rest/releases/releases#create-a-release","status":"403"}
Skip retry — your GitHub token/PAT does not have the required permission to create a release
```

I believe I should have not introduced a top-level `permissions` for the workflow in openai#3431 because that affected the `permissions` for each job in the workflow.

This PR introduces `publish-npm` as its own job, which allows us to:

- consolidate all the Node.js-related steps required for publishing
- limit the reach of the `id-token: write` permission
- skip it altogether if is an alpha build

With this PR, each of `release`, `publish-npm`, and `update-branch` has an explicit `permissions` block.
…r fork policy (.github/workflows/rust-release.yml)

- prefer_ours_globs: kept local workflows; removed upstream reintroduced file
- verify.sh: build_fast=ok; api_check=ok
Often, `gh` infers `--repo` when it is run from a Git clone, but our `publish-npm` step is designed to avoid the overhead of cloning the repo, so add the `--repo` option explicitly to fix things.
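The per-job `permissions` layout described in the two commit messages above, as an added example that is not code from this pull request or from openai/codex. Job names are taken from the commit message; the trigger, steps, alpha condition, scope values and the contents of the old top-level block are assumptions.

```yaml
# Constructed sketch, not the project's release workflow.
name: release-sketch
on:
  push:
    tags: ["v*"]

# BEFORE (assumed contents): a top-level block applies to every job, and any
# scope it does not list is set to "none". A release job inheriting this has
# no contents: write, which matches the 403 "Resource not accessible by
# integration" quoted in the commit message.
#
# permissions:
#   id-token: write

jobs:
  release:
    runs-on: ubuntu-latest
    permissions:
      contents: write        # needed to create the GitHub Release
    steps:
      - run: echo "build artifacts and create the release (placeholder)"

  publish-npm:
    needs: release
    # Assumed expression for skipping the job on alpha builds.
    if: ${{ !contains(github.ref_name, '-alpha') }}
    runs-on: ubuntu-latest
    permissions:
      contents: read         # download release assets only
      id-token: write        # OIDC token is confined to this one job
    steps:
      - name: Download release assets without a checkout
        env:
          GH_TOKEN: ${{ github.token }}
        # No Git clone in this job, so gh cannot infer the repository.
        run: gh release download "$GITHUB_REF_NAME" --repo "$GITHUB_REPOSITORY"
      - run: echo "npm publish (placeholder)"

  update-branch:
    needs: release
    runs-on: ubuntu-latest
    permissions:
      contents: write        # assumed: this job pushes a branch update
    steps:
      - run: echo "update branch (placeholder)"
```

Job-level `permissions` replace the workflow-level block for that job, so a reviewer can read each job's token scopes in one place.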
This change instructs the model to install any missing command. Else tokens are wasted when it tries to run commands that aren't available multiple times before installing them.
Instead of "Agent turn complete", turn-complete notifications now include the first handful of chars from the agent's final message.
…S.md per fork policy; upstream elsewhere (build-fast, API checks clean)
- Prefer ours for TUI (chatwidget.rs) to preserve strict ordering and UX
- Adopt upstream elsewhere per by-bucket policy
- Preserve browser/agent tools, web_fetch gating, UA/version helpers

Build: verify.sh OK; build-fast.sh OK
…n

- Preserve fork invariants (TUI, browser/agent tools, UA/version)
- Prefer upstream in common/exec/file-search; keep ours in core/TUI
- No purge assets reintroduced
- verify.sh: PASS; build-fast: PASS
This PR merges openai/codex@main into main.