core/core-agent-ide
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
core-agent-ide/codex-rs/Cargo.lock

8710 lines
200 KiB
Text
Raw Normal View History

feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
# This file is automatically @generated by Cargo.
# It is not intended for manual editing.
version = 4
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "Inflector"
version = "0.11.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fe438c63458706e03479442743baae6c88256498e6431708f6dfc520a26515d3"
dependencies = [
"lazy_static",
"regex",
]
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
[[package]]
name = "actix-codec"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5f7b0a21988c1bf877cf4759ef5ddaac04c1c9fe808c9142ecb78ba97d97a28a"
dependencies = [
"bitflags 2.10.0",
"bytes",
"futures-core",
"futures-sink",
"memchr",
"pin-project-lite",
"tokio",
"tokio-util",
"tracing",
]
[[package]]
name = "actix-http"
version = "3.11.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7926860314cbe2fb5d1f13731e387ab43bd32bca224e82e6e2db85de0a3dba49"
dependencies = [
"actix-codec",
"actix-rt",
"actix-service",
"actix-utils",
"bitflags 2.10.0",
"bytes",
"bytestring",
"derive_more 2.0.1",
"encoding_rs",
feat: ghost snapshot v2 (#8055) This PR updates ghost snapshotting to avoid capturing oversized untracked artifacts while keeping undo safe. Snapshot creation now builds a temporary index from `git status --porcelain=2 -z`, writes a tree and detached commit without touching refs, and records any ignored large files/dirs in the snapshot report. Undo uses that metadata to preserve large local artifacts while still cleaning up new transient files.
2025-12-15 11:14:36 +01:00
"foldhash 0.1.5",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"futures-core",
"http 0.2.12",
"httparse",
"httpdate",
"itoa",
"language-tags",
"mime",
"percent-encoding",
"pin-project-lite",
"smallvec",
"tokio",
"tokio-util",
"tracing",
]
[[package]]
name = "actix-router"
version = "0.5.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "13d324164c51f63867b57e73ba5936ea151b8a41a1d23d1031eeb9f70d0236f8"
dependencies = [
"bytestring",
"cfg-if",
"http 0.2.12",
"regex-lite",
"serde",
"tracing",
]
[[package]]
name = "actix-rt"
version = "2.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "92589714878ca59a7626ea19734f0e07a6a875197eec751bb5d3f99e64998c63"
dependencies = [
"futures-core",
"tokio",
]
[[package]]
name = "actix-server"
version = "2.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a65064ea4a457eaf07f2fba30b4c695bf43b721790e9530d26cb6f9019ff7502"
dependencies = [
"actix-rt",
"actix-service",
"actix-utils",
"futures-core",
"futures-util",
"mio",
"socket2 0.5.10",
"tokio",
"tracing",
]
[[package]]
name = "actix-service"
version = "2.0.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9e46f36bf0e5af44bdc4bdb36fbbd421aa98c79a9bce724e1edeb3894e10dc7f"
dependencies = [
"futures-core",
"pin-project-lite",
]
[[package]]
name = "actix-utils"
version = "3.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "88a1dcdff1466e3c2488e1cb5c36a71822750ad43839937f85d2f4d9f8b705d8"
dependencies = [
"local-waker",
"pin-project-lite",
]
[[package]]
name = "actix-web"
version = "4.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1654a77ba142e37f049637a3e5685f864514af11fcbc51cb51eb6596afe5b8d6"
dependencies = [
"actix-codec",
"actix-http",
"actix-router",
"actix-rt",
"actix-server",
"actix-service",
"actix-utils",
"bytes",
"bytestring",
"cfg-if",
"derive_more 2.0.1",
"encoding_rs",
feat: ghost snapshot v2 (#8055) This PR updates ghost snapshotting to avoid capturing oversized untracked artifacts while keeping undo safe. Snapshot creation now builds a temporary index from `git status --porcelain=2 -z`, writes a tree and detached commit without touching refs, and records any ignored large files/dirs in the snapshot report. Undo uses that metadata to preserve large local artifacts while still cleaning up new transient files.
2025-12-15 11:14:36 +01:00
"foldhash 0.1.5",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"futures-core",
"futures-util",
"impl-more",
"itoa",
"language-tags",
"log",
"mime",
"once_cell",
"pin-project-lite",
"regex-lite",
"serde",
"serde_json",
"serde_urlencoded",
"smallvec",
feat: ghost snapshot v2 (#8055) This PR updates ghost snapshotting to avoid capturing oversized untracked artifacts while keeping undo safe. Snapshot creation now builds a temporary index from `git status --porcelain=2 -z`, writes a tree and detached commit without touching refs, and records any ignored large files/dirs in the snapshot report. Undo uses that metadata to preserve large local artifacts while still cleaning up new transient files.
2025-12-15 11:14:36 +01:00
"socket2 0.6.1",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"time",
"tracing",
"url",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "addr2line"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.24.2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "dfbe277e56a376000877090da837660b4427aad530e3028d44e0bffe4f89a1c1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"gimli",
]
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
[[package]]
name = "adler2"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "2.0.1"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "320119579fcad9c21884f5c4861d16174d0e06250625266f50fe6898340abefa"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "aes"
version = "0.8.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b169f7a6d4742236a0a00c541b845991d0ac43e546831af1249753ab4c3aa3a0"
dependencies = [
"cfg-if",
"cipher",
"cpufeatures",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "ahash"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.8.12"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "5a15f179cd60c4584b8a8c596927aadc462e27f2ca70c04e0071964a73ba7a75"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
dependencies = [
"cfg-if",
"once_cell",
"version_check",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"zerocopy",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "aho-corasick"
version = "1.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8e60d3430d3a69478ad0993f19238d2df97c507009a52b3c10addcd7f6bcb916"
dependencies = [
"memchr",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "allocative"
version = "0.3.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8fac2ce611db8b8cee9b2aa886ca03c924e9da5e5295d0dbd0526e5d0b0710f7"
dependencies = [
"allocative_derive",
"bumpalo",
feat: add support for CODEX_SECURE_MODE=1 to restrict process observability (#4220) Because the `codex` process could contain sensitive information in memory, such as API keys, we add logic so that when `CODEX_SECURE_MODE=1` is specified, we avail ourselves of whatever the operating system provides to restrict observability/tampering, which includes: - disabling `ptrace(2)`, so it is not possible to attach to the process with a debugger, such as `gdb` - disabling core dumps Admittedly, a user with root privileges can defeat these safeguards. For now, we only add support for this in the `codex` multitool, but we may ultimately want to support this in some of the smaller CLIs that are buildable out of our Cargo workspace.
2025-09-25 10:02:28 -07:00
"ctor 0.1.26",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"hashbrown 0.14.5",
"num-bigint",
]
[[package]]
name = "allocative_derive"
version = "0.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fe233a377643e0fc1a56421d7c90acdec45c291b30345eb9f08e8d0ddce5a4ab"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "allocator-api2"
version = "0.2.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "683d7910e743518b0e34f1186f92494becacb047c7b6bf616c96772180fef923"
[[package]]
name = "android_system_properties"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "819e7219dbd41043ac279b19830f2efc897156490d7fd6ea916720117ee66311"
dependencies = [
"libc",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "annotate-snippets"
version = "0.9.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ccaf7e9dfbb6ab22c82e473cd1a8a7bd313c19a5b7e40970f3d89ef5a5c9e81e"
dependencies = [
"unicode-width 0.1.14",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "ansi-to-tui"
version = "7.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "67555e1f1ece39d737e28c8a017721287753af3f93225e4a445b29ccb0f5912c"
dependencies = [
"nom",
"ratatui",
"simdutf8",
"smallvec",
"thiserror 1.0.69",
]
[[package]]
name = "anstream"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.6.19"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "301af1932e46185686725e0fad2f8f2aa7da69dd70bf6ecc44d6b703844a3933"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"anstyle",
"anstyle-parse",
"anstyle-query",
"anstyle-wincon",
"colorchoice",
"is_terminal_polyfill",
"utf8parse",
]
[[package]]
name = "anstyle"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "1.0.11"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "862ed96ca487e809f1c8e5a8447f6ee2cf102f846893800b20cebdf541fc6bbd"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "anstyle-parse"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.2.7"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "4e7644824f0aa2c7b9384579234ef10eb7efb6a0deb83f9630a49594dd9c15c2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"utf8parse",
]
[[package]]
name = "anstyle-query"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.1.3"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "6c8bdeb6047d8983be085bab0ba1472e6dc604e7041dbf6fcd5e71523014fae9"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"windows-sys 0.59.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "anstyle-wincon"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "3.0.9"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "403f75924867bb1033c59fbf0797484329750cfbe3c4325cd33127941fabc882"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"anstyle",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"once_cell_polyfill",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"windows-sys 0.59.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "anyhow"
chore(deps): bump anyhow from 1.0.99 to 1.0.100 in /codex-rs (#4802) Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.99 to 1.0.100. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/anyhow/releases">anyhow's releases</a>.</em></p> <blockquote> <h2>1.0.100</h2> <ul> <li>Teach clippy to lint formatting arguments in <code>bail!</code>, <code>ensure!</code>, <code>anyhow!</code> (<a href="https://redirect.github.com/dtolnay/anyhow/issues/426">#426</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/anyhow/commit/18c2598afa0f996f56217ef128aa3a20ea1e9512"><code>18c2598</code></a> Release 1.0.100</li> <li><a href="https://github.com/dtolnay/anyhow/commit/f2719888cb2f4f033c441cf6723cea1c532c0c87"><code>f271988</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/anyhow/issues/426">#426</a> from dtolnay/clippyfmt</li> <li><a href="https://github.com/dtolnay/anyhow/commit/52f2115a1fe22a79110747f19e35f01d52bdd1af"><code>52f2115</code></a> Mark macros with clippy::format_args</li> <li><a href="https://github.com/dtolnay/anyhow/commit/da5fd9d5a33c2949bc3ee3075d8d6f9e224363d5"><code>da5fd9d</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/anyhow/commit/211e4092b7e1fb1c6f5d22063474e5b2f8dd0f16"><code>211e409</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/anyhow/commit/b48fc02c327c502a81fcc2b46318eb61fda6b7b3"><code>b48fc02</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/anyhow/commit/d5f59fbd45db00982bc0ea490edbe331ef8cab26"><code>d5f59fb</code></a> Update ui test suite to nightly-2025-09-07</li> <li><a href="https://github.com/dtolnay/anyhow/commit/238415d25b65dcf73ab2e3741d7adc56615af8c3"><code>238415d</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/anyhow/commit/3bab0709a347b90de15c5eaaf3779904cfcc1ac6"><code>3bab070</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/anyhow/commit/42492546e3b5510378d0ee32b659fefee1f26158"><code>4249254</code></a> Order cap-lints flag in the same order as thiserror build script</li> <li>See full diff in <a href="https://github.com/dtolnay/anyhow/compare/1.0.99...1.0.100">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anyhow&package-manager=cargo&previous-version=1.0.99&new-version=1.0.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:33 -07:00
version = "1.0.100"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump anyhow from 1.0.99 to 1.0.100 in /codex-rs (#4802) Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.99 to 1.0.100. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/anyhow/releases">anyhow's releases</a>.</em></p> <blockquote> <h2>1.0.100</h2> <ul> <li>Teach clippy to lint formatting arguments in <code>bail!</code>, <code>ensure!</code>, <code>anyhow!</code> (<a href="https://redirect.github.com/dtolnay/anyhow/issues/426">#426</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/anyhow/commit/18c2598afa0f996f56217ef128aa3a20ea1e9512"><code>18c2598</code></a> Release 1.0.100</li> <li><a href="https://github.com/dtolnay/anyhow/commit/f2719888cb2f4f033c441cf6723cea1c532c0c87"><code>f271988</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/anyhow/issues/426">#426</a> from dtolnay/clippyfmt</li> <li><a href="https://github.com/dtolnay/anyhow/commit/52f2115a1fe22a79110747f19e35f01d52bdd1af"><code>52f2115</code></a> Mark macros with clippy::format_args</li> <li><a href="https://github.com/dtolnay/anyhow/commit/da5fd9d5a33c2949bc3ee3075d8d6f9e224363d5"><code>da5fd9d</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/anyhow/commit/211e4092b7e1fb1c6f5d22063474e5b2f8dd0f16"><code>211e409</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/anyhow/commit/b48fc02c327c502a81fcc2b46318eb61fda6b7b3"><code>b48fc02</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/anyhow/commit/d5f59fbd45db00982bc0ea490edbe331ef8cab26"><code>d5f59fb</code></a> Update ui test suite to nightly-2025-09-07</li> <li><a href="https://github.com/dtolnay/anyhow/commit/238415d25b65dcf73ab2e3741d7adc56615af8c3"><code>238415d</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/anyhow/commit/3bab0709a347b90de15c5eaaf3779904cfcc1ac6"><code>3bab070</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/anyhow/commit/42492546e3b5510378d0ee32b659fefee1f26158"><code>4249254</code></a> Order cap-lints flag in the same order as thiserror build script</li> <li>See full diff in <a href="https://github.com/dtolnay/anyhow/compare/1.0.99...1.0.100">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anyhow&package-manager=cargo&previous-version=1.0.99&new-version=1.0.100)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:33 -07:00
checksum = "a23eb6b1614318a8071c9b2521f36b424b2c83db5eb3a0fead4a6c0809af6e61"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
[[package]]
name = "app_test_support"
version = "0.0.0"
dependencies = [
"anyhow",
"assert_cmd",
[app-server] read rate limits API (#5302) Adds a `GET account/rateLimits/read` API to app-server. This calls the codex backend to fetch the user's current rate limits. This would be helpful in checking rate limits without having to send a message. For calling the codex backend usage API, I generated the types and manually copied the relevant ones into `codex-backend-openapi-types`. It'll be nice to extend our internal openapi generator to support Rust so we don't have to run these manual steps. # External (non-OpenAI) Pull Request Requirements Before opening this Pull Request, please read the dedicated "Contributing" markdown file or your PR may be closed: https://github.com/openai/codex/blob/main/docs/contributing.md If your PR conforms to our contribution guidelines, replace this text with a detailed and high quality description of your changes.
2025-10-20 14:11:54 -07:00
"base64",
"chrono",
fix: remove mcp-types from app server protocol (#4537) We continue the separation between `codex app-server` and `codex mcp-server`. In particular, we introduce a new crate, `codex-app-server-protocol`, and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it `codex-rs/app-server-protocol/src/protocol.rs`. Because `ConversationId` was defined in `mcp_protocol.rs`, we move it into its own file, `codex-rs/protocol/src/conversation_id.rs`, and because it is referenced in a ton of places, we have to touch a lot of files as part of this PR. We also decide to get away from proper JSON-RPC 2.0 semantics, so we also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which is basically the same `JSONRPCMessage` type defined in `mcp-types` except with all of the `"jsonrpc": "2.0"` removed. Getting rid of `"jsonrpc": "2.0"` makes our serialization logic considerably simpler, as we can lean heavier on serde to serialize directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
"codex-app-server-protocol",
[app-server] read rate limits API (#5302) Adds a `GET account/rateLimits/read` API to app-server. This calls the codex backend to fetch the user's current rate limits. This would be helpful in checking rate limits without having to send a message. For calling the codex backend usage API, I generated the types and manually copied the relevant ones into `codex-backend-openapi-types`. It'll be nice to extend our internal openapi generator to support Rust so we don't have to run these manual steps. # External (non-OpenAI) Pull Request Requirements Before opening this Pull Request, please read the dedicated "Contributing" markdown file or your PR may be closed: https://github.com/openai/codex/blob/main/docs/contributing.md If your PR conforms to our contribution guidelines, replace this text with a detailed and high quality description of your changes.
2025-10-20 14:11:54 -07:00
"codex-core",
[app-server] feat: v2 Thread APIs (#6214) Implements: ``` thread/list thread/start thread/resume thread/archive ``` along with their integration tests. These are relatively light wrappers around the existing core logic, and changes to core logic are minimal. However, an improvement made for developer ergonomics: - `thread/start` and `thread/resume` automatically attaches a conversation listener internally, so clients don't have to make a separate `AddConversationListener` call like they do today. For consistency, also updated `model/list` and `feedback/upload` (naming conventions, list API params).
2025-11-05 12:28:43 -08:00
"codex-protocol",
Migrate coverage to shell_command (#7042)
2025-11-20 19:44:00 -08:00
"core_test_support",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
"serde",
"serde_json",
Migrate coverage to shell_command (#7042)
2025-11-20 19:44:00 -08:00
"shlex",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
"tokio",
[app-server] feat: v2 Thread APIs (#6214) Implements: ``` thread/list thread/start thread/resume thread/archive ``` along with their integration tests. These are relatively light wrappers around the existing core logic, and changes to core logic are minimal. However, an improvement made for developer ergonomics: - `thread/start` and `thread/resume` automatically attaches a conversation listener internally, so clients don't have to make a separate `AddConversationListener` call like they do today. For consistency, also updated `model/list` and `feedback/upload` (naming conventions, list API params).
2025-11-05 12:28:43 -08:00
"uuid",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
"wiremock",
]
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
[[package]]
name = "arboard"
chore(deps): bump arboard from 3.6.0 to 3.6.1 in /codex-rs (#7426) Bumps [arboard](https://github.com/1Password/arboard) from 3.6.0 to 3.6.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/1Password/arboard/releases">arboard's releases</a>.</em></p> <blockquote> <h2>v3.6.1</h2> <p>This release focuses on improving compatibility with data in the real world and bug fixes. It also includes a new <code>Set</code> API for working with file paths via drag-and-drop interfaces across Linux, macOS, and Windows.</p> <p>This release also marks the start of exclusively publishing changelogs via GitHub Releases. The old <code>CHANGELOG.md</code> has been removed due to maintenance overhead and duplication. <a href="https://github.com/1Password/arboard/releases/tag/v3.6.0">v3.6.0</a> is the last revision to include this file.</p> <h3>Added</h3> <ul> <li>Add support for pasting lists of files via <code>Set::file_list</code> interface by <a href="https://github.com/Gae24"><code>@​Gae24</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/181">1Password/arboard#181</a></li> <li>Support <code>windows-sys</code> 0.60 in <code>arboard</code>'s allowed version range by <a href="https://github.com/complexspaces"><code>@​complexspaces</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/201">1Password/arboard#201</a></li> </ul> <h3>Changed</h3> <ul> <li>Fix grammar and typos by <a href="https://github.com/complexspaces"><code>@​complexspaces</code></a> and <a href="https://github.com/gagath"><code>@​gagath</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/194">1Password/arboard#194</a> and <a href="https://redirect.github.com/1Password/arboard/pull/196">1Password/arboard#196</a></li> <li>Prefer PNG when pasting images on Windows by <a href="https://github.com/wcassels"><code>@​wcassels</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/198">1Password/arboard#198</a> <ul> <li>Note: This change greatly increases compatibility for &quot;complicated&quot; images that contain alpha values and/or transparent pixels. Support for transparency in <code>BITMAP</code> formats is ill-defined and inconsistently implemented in the wild, but is consistent in <code>PNG</code>. Most applications loading images onto the clipboard include <code>PNG</code>-encoded data already.</li> </ul> </li> <li>Bitmap images pasted on Windows now use the <code>image</code> crate instead of a homegrown internal parser. <ul> <li>This <strong>should not</strong> regress any existing Bitmap use cases and instead will provide more consistent and robust parsing. If you notice something now broken, please open an issue!</li> </ul> </li> </ul> <h3>Fixed</h3> <ul> <li>Remove silent dropping of file paths when non-UTF8 was mixed in on Linux by <a href="https://github.com/Gae24"><code>@​Gae24</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/197">1Password/arboard#197</a></li> <li>Fix parsing of 24-bit bitmaps on Windows by <a href="https://github.com/wcassels"><code>@​wcassels</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/198">1Password/arboard#198</a> <ul> <li>Example: Images with transparency copied by Firefox are now handled correctly, among others.</li> </ul> </li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/gagath"><code>@​gagath</code></a> made their first contribution in <a href="https://redirect.github.com/1Password/arboard/pull/196">1Password/arboard#196</a></li> <li><a href="https://github.com/wcassels"><code>@​wcassels</code></a> made their first contribution in <a href="https://redirect.github.com/1Password/arboard/pull/198">1Password/arboard#198</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/1Password/arboard/compare/v3.6.0...v3.6.1">https://github.com/1Password/arboard/compare/v3.6.0...v3.6.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/1Password/arboard/commit/a3750c79a5d63f3987317e03c412b7d9dffdc2af"><code>a3750c7</code></a> Release 3.6.1</li> <li><a href="https://github.com/1Password/arboard/commit/edcce2cd6b336c5dda98ef860648a9e4babf272f"><code>edcce2c</code></a> Remove CHANGELOG.md in favor of GitHub releases</li> <li><a href="https://github.com/1Password/arboard/commit/26a96a6199ab7903e709bbe0acb87599b8450749"><code>26a96a6</code></a> Bump windows-sys semver range to support 0.60.x</li> <li><a href="https://github.com/1Password/arboard/commit/7bdd1c11754cb3b09b2c8270a7c51386194d0542"><code>7bdd1c1</code></a> Update errno for windows-sys 0.60 flexibility</li> <li><a href="https://github.com/1Password/arboard/commit/55c0b260c47920e0e880bbf1fbe9d1772162bc8e"><code>55c0b26</code></a> read/write_unaligned rather than using manual field offsets</li> <li><a href="https://github.com/1Password/arboard/commit/ff15a093d6e9c1c3cbc9b6b56fd6799575f6254e"><code>ff15a09</code></a> Return conversionFailure instead of adhoc errors</li> <li><a href="https://github.com/1Password/arboard/commit/16ef18113f5ab1793e9761df192cc699b8fd2113"><code>16ef181</code></a> Implement fetching PNG on Windows and prefer over DIB when available</li> <li><a href="https://github.com/1Password/arboard/commit/a3c64f9a9362d3c2410092031ab571f6ae3efe5c"><code>a3c64f9</code></a> Add a couple of end-to-end DIBV5 tests</li> <li><a href="https://github.com/1Password/arboard/commit/e6008eaa9164fc2d202fbfa1ed6ea3419169f2c9"><code>e6008ea</code></a> Use image for reading DIB and try to make it do the right thing for 32-bit BI...</li> <li><a href="https://github.com/1Password/arboard/commit/17ef05ce130557823750c26e482b25b2cee1e115"><code>17ef05c</code></a> add <code>file_list</code> to <code>Set</code> interface (<a href="https://redirect.github.com/1Password/arboard/issues/181">#181</a>)</li> <li>Additional commits viewable in <a href="https://github.com/1Password/arboard/compare/v3.6.0...v3.6.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=arboard&package-manager=cargo&previous-version=3.6.0&new-version=3.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-30 20:20:45 -08:00
version = "3.6.1"
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump arboard from 3.6.0 to 3.6.1 in /codex-rs (#7426) Bumps [arboard](https://github.com/1Password/arboard) from 3.6.0 to 3.6.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/1Password/arboard/releases">arboard's releases</a>.</em></p> <blockquote> <h2>v3.6.1</h2> <p>This release focuses on improving compatibility with data in the real world and bug fixes. It also includes a new <code>Set</code> API for working with file paths via drag-and-drop interfaces across Linux, macOS, and Windows.</p> <p>This release also marks the start of exclusively publishing changelogs via GitHub Releases. The old <code>CHANGELOG.md</code> has been removed due to maintenance overhead and duplication. <a href="https://github.com/1Password/arboard/releases/tag/v3.6.0">v3.6.0</a> is the last revision to include this file.</p> <h3>Added</h3> <ul> <li>Add support for pasting lists of files via <code>Set::file_list</code> interface by <a href="https://github.com/Gae24"><code>@​Gae24</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/181">1Password/arboard#181</a></li> <li>Support <code>windows-sys</code> 0.60 in <code>arboard</code>'s allowed version range by <a href="https://github.com/complexspaces"><code>@​complexspaces</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/201">1Password/arboard#201</a></li> </ul> <h3>Changed</h3> <ul> <li>Fix grammar and typos by <a href="https://github.com/complexspaces"><code>@​complexspaces</code></a> and <a href="https://github.com/gagath"><code>@​gagath</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/194">1Password/arboard#194</a> and <a href="https://redirect.github.com/1Password/arboard/pull/196">1Password/arboard#196</a></li> <li>Prefer PNG when pasting images on Windows by <a href="https://github.com/wcassels"><code>@​wcassels</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/198">1Password/arboard#198</a> <ul> <li>Note: This change greatly increases compatibility for &quot;complicated&quot; images that contain alpha values and/or transparent pixels. Support for transparency in <code>BITMAP</code> formats is ill-defined and inconsistently implemented in the wild, but is consistent in <code>PNG</code>. Most applications loading images onto the clipboard include <code>PNG</code>-encoded data already.</li> </ul> </li> <li>Bitmap images pasted on Windows now use the <code>image</code> crate instead of a homegrown internal parser. <ul> <li>This <strong>should not</strong> regress any existing Bitmap use cases and instead will provide more consistent and robust parsing. If you notice something now broken, please open an issue!</li> </ul> </li> </ul> <h3>Fixed</h3> <ul> <li>Remove silent dropping of file paths when non-UTF8 was mixed in on Linux by <a href="https://github.com/Gae24"><code>@​Gae24</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/197">1Password/arboard#197</a></li> <li>Fix parsing of 24-bit bitmaps on Windows by <a href="https://github.com/wcassels"><code>@​wcassels</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/198">1Password/arboard#198</a> <ul> <li>Example: Images with transparency copied by Firefox are now handled correctly, among others.</li> </ul> </li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/gagath"><code>@​gagath</code></a> made their first contribution in <a href="https://redirect.github.com/1Password/arboard/pull/196">1Password/arboard#196</a></li> <li><a href="https://github.com/wcassels"><code>@​wcassels</code></a> made their first contribution in <a href="https://redirect.github.com/1Password/arboard/pull/198">1Password/arboard#198</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/1Password/arboard/compare/v3.6.0...v3.6.1">https://github.com/1Password/arboard/compare/v3.6.0...v3.6.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/1Password/arboard/commit/a3750c79a5d63f3987317e03c412b7d9dffdc2af"><code>a3750c7</code></a> Release 3.6.1</li> <li><a href="https://github.com/1Password/arboard/commit/edcce2cd6b336c5dda98ef860648a9e4babf272f"><code>edcce2c</code></a> Remove CHANGELOG.md in favor of GitHub releases</li> <li><a href="https://github.com/1Password/arboard/commit/26a96a6199ab7903e709bbe0acb87599b8450749"><code>26a96a6</code></a> Bump windows-sys semver range to support 0.60.x</li> <li><a href="https://github.com/1Password/arboard/commit/7bdd1c11754cb3b09b2c8270a7c51386194d0542"><code>7bdd1c1</code></a> Update errno for windows-sys 0.60 flexibility</li> <li><a href="https://github.com/1Password/arboard/commit/55c0b260c47920e0e880bbf1fbe9d1772162bc8e"><code>55c0b26</code></a> read/write_unaligned rather than using manual field offsets</li> <li><a href="https://github.com/1Password/arboard/commit/ff15a093d6e9c1c3cbc9b6b56fd6799575f6254e"><code>ff15a09</code></a> Return conversionFailure instead of adhoc errors</li> <li><a href="https://github.com/1Password/arboard/commit/16ef18113f5ab1793e9761df192cc699b8fd2113"><code>16ef181</code></a> Implement fetching PNG on Windows and prefer over DIB when available</li> <li><a href="https://github.com/1Password/arboard/commit/a3c64f9a9362d3c2410092031ab571f6ae3efe5c"><code>a3c64f9</code></a> Add a couple of end-to-end DIBV5 tests</li> <li><a href="https://github.com/1Password/arboard/commit/e6008eaa9164fc2d202fbfa1ed6ea3419169f2c9"><code>e6008ea</code></a> Use image for reading DIB and try to make it do the right thing for 32-bit BI...</li> <li><a href="https://github.com/1Password/arboard/commit/17ef05ce130557823750c26e482b25b2cee1e115"><code>17ef05c</code></a> add <code>file_list</code> to <code>Set</code> interface (<a href="https://redirect.github.com/1Password/arboard/issues/181">#181</a>)</li> <li>Additional commits viewable in <a href="https://github.com/1Password/arboard/compare/v3.6.0...v3.6.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=arboard&package-manager=cargo&previous-version=3.6.0&new-version=3.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-30 20:20:45 -08:00
checksum = "0348a1c054491f4bfe6ab86a7b6ab1e44e45d899005de92f58b3df180b36ddaf"
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
dependencies = [
"clipboard-win",
"image",
"log",
"objc2",
"objc2-app-kit",
"objc2-core-foundation",
"objc2-core-graphics",
"objc2-foundation",
"parking_lot",
"percent-encoding",
chore(deps): bump arboard from 3.6.0 to 3.6.1 in /codex-rs (#7426) Bumps [arboard](https://github.com/1Password/arboard) from 3.6.0 to 3.6.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/1Password/arboard/releases">arboard's releases</a>.</em></p> <blockquote> <h2>v3.6.1</h2> <p>This release focuses on improving compatibility with data in the real world and bug fixes. It also includes a new <code>Set</code> API for working with file paths via drag-and-drop interfaces across Linux, macOS, and Windows.</p> <p>This release also marks the start of exclusively publishing changelogs via GitHub Releases. The old <code>CHANGELOG.md</code> has been removed due to maintenance overhead and duplication. <a href="https://github.com/1Password/arboard/releases/tag/v3.6.0">v3.6.0</a> is the last revision to include this file.</p> <h3>Added</h3> <ul> <li>Add support for pasting lists of files via <code>Set::file_list</code> interface by <a href="https://github.com/Gae24"><code>@​Gae24</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/181">1Password/arboard#181</a></li> <li>Support <code>windows-sys</code> 0.60 in <code>arboard</code>'s allowed version range by <a href="https://github.com/complexspaces"><code>@​complexspaces</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/201">1Password/arboard#201</a></li> </ul> <h3>Changed</h3> <ul> <li>Fix grammar and typos by <a href="https://github.com/complexspaces"><code>@​complexspaces</code></a> and <a href="https://github.com/gagath"><code>@​gagath</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/194">1Password/arboard#194</a> and <a href="https://redirect.github.com/1Password/arboard/pull/196">1Password/arboard#196</a></li> <li>Prefer PNG when pasting images on Windows by <a href="https://github.com/wcassels"><code>@​wcassels</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/198">1Password/arboard#198</a> <ul> <li>Note: This change greatly increases compatibility for &quot;complicated&quot; images that contain alpha values and/or transparent pixels. Support for transparency in <code>BITMAP</code> formats is ill-defined and inconsistently implemented in the wild, but is consistent in <code>PNG</code>. Most applications loading images onto the clipboard include <code>PNG</code>-encoded data already.</li> </ul> </li> <li>Bitmap images pasted on Windows now use the <code>image</code> crate instead of a homegrown internal parser. <ul> <li>This <strong>should not</strong> regress any existing Bitmap use cases and instead will provide more consistent and robust parsing. If you notice something now broken, please open an issue!</li> </ul> </li> </ul> <h3>Fixed</h3> <ul> <li>Remove silent dropping of file paths when non-UTF8 was mixed in on Linux by <a href="https://github.com/Gae24"><code>@​Gae24</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/197">1Password/arboard#197</a></li> <li>Fix parsing of 24-bit bitmaps on Windows by <a href="https://github.com/wcassels"><code>@​wcassels</code></a> in <a href="https://redirect.github.com/1Password/arboard/pull/198">1Password/arboard#198</a> <ul> <li>Example: Images with transparency copied by Firefox are now handled correctly, among others.</li> </ul> </li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/gagath"><code>@​gagath</code></a> made their first contribution in <a href="https://redirect.github.com/1Password/arboard/pull/196">1Password/arboard#196</a></li> <li><a href="https://github.com/wcassels"><code>@​wcassels</code></a> made their first contribution in <a href="https://redirect.github.com/1Password/arboard/pull/198">1Password/arboard#198</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/1Password/arboard/compare/v3.6.0...v3.6.1">https://github.com/1Password/arboard/compare/v3.6.0...v3.6.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/1Password/arboard/commit/a3750c79a5d63f3987317e03c412b7d9dffdc2af"><code>a3750c7</code></a> Release 3.6.1</li> <li><a href="https://github.com/1Password/arboard/commit/edcce2cd6b336c5dda98ef860648a9e4babf272f"><code>edcce2c</code></a> Remove CHANGELOG.md in favor of GitHub releases</li> <li><a href="https://github.com/1Password/arboard/commit/26a96a6199ab7903e709bbe0acb87599b8450749"><code>26a96a6</code></a> Bump windows-sys semver range to support 0.60.x</li> <li><a href="https://github.com/1Password/arboard/commit/7bdd1c11754cb3b09b2c8270a7c51386194d0542"><code>7bdd1c1</code></a> Update errno for windows-sys 0.60 flexibility</li> <li><a href="https://github.com/1Password/arboard/commit/55c0b260c47920e0e880bbf1fbe9d1772162bc8e"><code>55c0b26</code></a> read/write_unaligned rather than using manual field offsets</li> <li><a href="https://github.com/1Password/arboard/commit/ff15a093d6e9c1c3cbc9b6b56fd6799575f6254e"><code>ff15a09</code></a> Return conversionFailure instead of adhoc errors</li> <li><a href="https://github.com/1Password/arboard/commit/16ef18113f5ab1793e9761df192cc699b8fd2113"><code>16ef181</code></a> Implement fetching PNG on Windows and prefer over DIB when available</li> <li><a href="https://github.com/1Password/arboard/commit/a3c64f9a9362d3c2410092031ab571f6ae3efe5c"><code>a3c64f9</code></a> Add a couple of end-to-end DIBV5 tests</li> <li><a href="https://github.com/1Password/arboard/commit/e6008eaa9164fc2d202fbfa1ed6ea3419169f2c9"><code>e6008ea</code></a> Use image for reading DIB and try to make it do the right thing for 32-bit BI...</li> <li><a href="https://github.com/1Password/arboard/commit/17ef05ce130557823750c26e482b25b2cee1e115"><code>17ef05c</code></a> add <code>file_list</code> to <code>Set</code> interface (<a href="https://redirect.github.com/1Password/arboard/issues/181">#181</a>)</li> <li>Additional commits viewable in <a href="https://github.com/1Password/arboard/compare/v3.6.0...v3.6.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=arboard&package-manager=cargo&previous-version=3.6.0&new-version=3.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-30 20:20:45 -08:00
"windows-sys 0.60.2",
Fix wayland image paste error (#4824) ## Summary - log and surface clipboard failures instead of silently ignoring them when `Ctrl+V` pastes an image (`paste_image_to_temp_png()` now feeds an error history cell) - enable `arboard`’s `wayland-data-control` feature so native Wayland sessions can deliver image data without XWayland - keep the success path unchanged: valid images still attach and show the `[image …]` placeholder as before Fixes #4818 --------- Co-authored-by: Eric Traut <etraut@openai.com> Co-authored-by: Jeremy Rose <172423086+nornagon-openai@users.noreply.github.com>
2025-11-10 19:35:30 -03:00
"wl-clipboard-rs",
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
"x11rb",
]
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "arrayvec"
version = "0.7.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7c02d123df017efcdfbd739ef81735b36c5ba83ec3c59c80a9d7ecc718f92e50"
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "ascii"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d92bec98840b8f03a5ff5413de5293bfcd8bf96467cf5452609f939ec6f5de16"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "ascii-canvas"
version = "3.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8824ecca2e851cec16968d54a01dd372ef8f95b244fb84b84e70128be347c3c6"
dependencies = [
"term",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "assert-json-diff"
version = "2.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "47e4f2b81832e72834d7518d8487a0396a28cc408186a2e8854c0f98011faf12"
dependencies = [
"serde",
"serde_json",
]
[[package]]
name = "assert_cmd"
version = "2.0.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2bd389a4b2970a01282ee455294913c0a43724daedcd1a24c3eb0ec1c1320b66"
dependencies = [
"anstyle",
"bstr",
"doc-comment",
"libc",
"predicates",
"predicates-core",
"predicates-tree",
"wait-timeout",
]
Use assert_matches (#4756) assert_matches is soon to be in std but is experimental for now.
2025-10-05 14:12:31 -07:00
[[package]]
name = "assert_matches"
version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9b34d609dfbaf33d6889b2b7106d3ca345eacad44200913df5ba02bfd31d2ba9"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "async-broadcast"
version = "0.7.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "435a87a52755b8f27fcf321ac4f04b2802e337c8c4872923137471ec39c37532"
dependencies = [
"event-listener",
"event-listener-strategy",
"futures-core",
"pin-project-lite",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "async-channel"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "2.5.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "924ed96dd52d1b75e9c1a3e6275715fd320f5f9439fb5a4a11fa51f4221158d2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"concurrent-queue",
"event-listener-strategy",
"futures-core",
"pin-project-lite",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "async-executor"
version = "1.13.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "497c00e0fd83a72a79a39fcbd8e3e2f055d6f6c7e025f3b3d91f4f8e76527fb8"
dependencies = [
"async-task",
"concurrent-queue",
"fastrand",
"futures-lite",
"pin-project-lite",
"slab",
]
[[package]]
name = "async-fs"
version = "2.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8034a681df4aed8b8edbd7fbe472401ecf009251c8b40556b304567052e294c5"
dependencies = [
"async-lock",
"blocking",
"futures-lite",
]
[[package]]
name = "async-io"
version = "2.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "456b8a8feb6f42d237746d4b3e9a178494627745c3c56c6ea55d92ba50d026fc"
dependencies = [
"autocfg",
"cfg-if",
"concurrent-queue",
"futures-io",
"futures-lite",
"parking",
"polling",
"rustix 1.0.8",
"slab",
"windows-sys 0.61.1",
]
[[package]]
name = "async-lock"
version = "3.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5fd03604047cee9b6ce9de9f70c6cd540a0520c813cbd49bae61f33ab80ed1dc"
dependencies = [
"event-listener",
"event-listener-strategy",
"pin-project-lite",
]
[[package]]
name = "async-process"
version = "2.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fc50921ec0055cdd8a16de48773bfeec5c972598674347252c0399676be7da75"
dependencies = [
"async-channel",
"async-io",
"async-lock",
"async-signal",
"async-task",
"blocking",
"cfg-if",
"event-listener",
"futures-lite",
"rustix 1.0.8",
]
[[package]]
name = "async-recursion"
version = "1.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3b43422f69d8ff38f95f1b2bb76517c91589a924d1559a0e935d7c8ce0274c11"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.104",
]
[[package]]
name = "async-signal"
version = "0.2.13"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "43c070bbf59cd3570b6b2dd54cd772527c7c3620fce8be898406dd3ed6adc64c"
dependencies = [
"async-io",
"async-lock",
"atomic-waker",
"cfg-if",
"futures-core",
"futures-io",
"rustix 1.0.8",
"signal-hook-registry",
"slab",
"windows-sys 0.61.1",
]
Add SSE Response parser tests (#1541) ## Summary - add `tokio-test` dev dependency - implement response stream parsing unit tests ## Testing - `cargo clippy -p codex-core --tests -- -D warnings` - `cargo test -p codex-core -- --nocapture` ------ https://chatgpt.com/codex/tasks/task_i_687163f3b2208321a6ce2adbef3fbc06
2025-07-14 14:51:32 -07:00
[[package]]
name = "async-stream"
version = "0.3.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0b5a71a6f37880a80d1d7f19efd781e4b5de42c88f0722cc13bcb6cc2cfe8476"
dependencies = [
"async-stream-impl",
"futures-core",
"pin-project-lite",
]
[[package]]
name = "async-stream-impl"
version = "0.3.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c7c24de15d275a1ecfd47a380fb4d5ec9bfe0933f309ed5e705b775596a3574d"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
Add SSE Response parser tests (#1541) ## Summary - add `tokio-test` dev dependency - implement response stream parsing unit tests ## Testing - `cargo clippy -p codex-core --tests -- -D warnings` - `cargo test -p codex-core -- --nocapture` ------ https://chatgpt.com/codex/tasks/task_i_687163f3b2208321a6ce2adbef3fbc06
2025-07-14 14:51:32 -07:00
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "async-task"
version = "4.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8b75356056920673b02621b35afd0f7dda9306d03c79a30f5c56c44cf256e3de"
feat: readiness tool (#4090) Readiness flag with token-based subscription and async wait function that waits for all the subscribers to be ready
2025-09-23 17:27:20 +01:00
[[package]]
name = "async-trait"
version = "0.1.89"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9035ad2d096bed7955a320ee7e2230574d28fd3c3a0f186cbea1ff3c7eed5dbb"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: readiness tool (#4090) Readiness flag with token-based subscription and async wait function that waits for all the subscribers to be ready
2025-09-23 17:27:20 +01:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "atomic-waker"
version = "1.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1505bd5d3d116872e7271a6d4e16d81d0c8570876c8de68093a09ac269d8aac0"
[[package]]
name = "autocfg"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "1.5.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "c08606f8c3cbf4ce6ec8e28fb0014a2c086708fe954eaa885384a6165172e7e8"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
[[package]]
name = "axum"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.8.4"
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "021e862c184ae977658b36c4500f7feac3221ca5da43e3f25bd04ab6c79a29b5"
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
dependencies = [
"axum-core",
"bytes",
"futures-util",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"http-body",
"http-body-util",
"hyper",
"hyper-util",
"itoa",
"matchit",
"memchr",
"mime",
"percent-encoding",
"pin-project-lite",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"rustversion",
"serde",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"sync_wrapper",
"tokio",
"tower",
"tower-layer",
"tower-service",
]
[[package]]
name = "axum-core"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.5.2"
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "68464cd0412f486726fb3373129ef5d2993f90c34bc2bc1c1e9943b2f4fc7ca6"
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
dependencies = [
"bytes",
"futures-core",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"http-body",
"http-body-util",
"mime",
"pin-project-lite",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"rustversion",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"sync_wrapper",
"tower-layer",
"tower-service",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "backtrace"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.3.75"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "6806a6321ec58106fea15becdad98371e28d92ccbc7c8f1b3b6dd724fe8f1002"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"addr2line",
"cfg-if",
"libc",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"miniz_oxide",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"object",
"rustc-demangle",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"windows-targets 0.52.6",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "base64"
version = "0.22.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
[[package]]
name = "base64ct"
version = "1.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0e050f626429857a27ddccb31e0aca21356bfa709c04041aefddac081a8f068a"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "beef"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3a8241f3ebb85c056b509d4327ad0358fbbba6ffb340bf388f26350aeda225b1"
[[package]]
name = "bit-set"
version = "0.5.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0700ddab506f33b20a03b13996eccd309a48e5ff77d0d95926aa0210fb4e95f1"
dependencies = [
"bit-vec",
]
[[package]]
name = "bit-vec"
version = "0.6.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "349f9b6a179ed607305526ca489b34ad0a41aed5f7980fa90eb03160b69598fb"
[[package]]
name = "bitflags"
version = "1.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "bitflags"
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
version = "2.10.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
checksum = "812e12b5285cc515a9c72a5c1d3b6d46a19dac5acfef5265968c166106e31dd3"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
fix: trim MCP tool names to fit into tool name length limit (#1571) Store fully qualified names along with tool entries so we don't have to re-parse them. Fixes: https://github.com/openai/codex/issues/1289
2025-07-17 11:35:38 -07:00
[[package]]
name = "block-buffer"
version = "0.10.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71"
dependencies = [
"generic-array",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "block-padding"
version = "0.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a8894febbff9f758034a5b8e12d87918f56dfc64a8e1fe757d65e29041538d93"
dependencies = [
"generic-array",
]
[[package]]
name = "blocking"
version = "1.6.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e83f8d02be6967315521be875afa792a316e28d57b5a2d401897e2a7921b7f21"
dependencies = [
"async-channel",
"async-task",
"futures-io",
"futures-lite",
"piper",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "bstr"
version = "1.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "234113d19d0d7d613b40e86fb654acf958910802bcceab913a4f9e7cda03b1a4"
dependencies = [
"memchr",
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in /codex-rs (#3620) Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = &quot;0.3.20&quot; </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-subscriber&package-manager=cargo&previous-version=0.3.19&new-version=0.3.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:51:33 -07:00
"regex-automata",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"serde",
]
[[package]]
name = "bumpalo"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "3.19.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "46c5e41b57b8bba42a04676d81cb89e9ee8e859a1a66f80a5a72e1cb76b34d43"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "bytemuck"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.23.1"
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "5c76a5792e44e4abe34d3abf15636779261d45a7450612059293d1d2cfc63422"
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "byteorder"
version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1fd0f2584146f6f2ef48085050886acf353beff7305ebd1ae69500e27c67f64b"
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "byteorder-lite"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8f1fe948ff07f4bd06c30984e69f5b4899c516a3ef74f34df92a2df2ab535495"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "bytes"
version = "1.10.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d71b6127be86fdcfddb610f7182ac57211d4b18a3e9c82eb2d17662f2227ad6a"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
[[package]]
name = "bytestring"
version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "113b4343b5f6617e7ad401ced8de3cc8b012e73a594347c307b90db3e9271289"
dependencies = [
"bytes",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "cassowary"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "df8670b8c7b9dae1793364eafadf7239c40d669904660c5960d74cfd80b46a53"
[[package]]
name = "castaway"
fix: correctly wrap history items (#1685) The overall idea here is: skip ratatui for writing into scrollback, because its primitives are wrong. We want to render full lines of text, that will be wrapped natively by the terminal, and which we never plan to update using ratatui (so the `Buffer` struct is overhead and in fact an inhibition). Instead, we use ANSI scrolling regions (link reference doc to come). Essentially, we: 1. Define a scrolling region that extends from the top of the prompt area all the way to the top of scrollback 2. Scroll that region up by N < (screen_height - viewport_height) lines, in this PR N=1 3. Put our cursor at the top of the newly empty region 4. Print out our new text like normal The terminal interactions here (write_spans and its dependencies) are mostly extracted from ratatui.
2025-07-28 07:45:49 -07:00
version = "0.2.4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: correctly wrap history items (#1685) The overall idea here is: skip ratatui for writing into scrollback, because its primitives are wrong. We want to render full lines of text, that will be wrapped natively by the terminal, and which we never plan to update using ratatui (so the `Buffer` struct is overhead and in fact an inhibition). Instead, we use ANSI scrolling regions (link reference doc to come). Essentially, we: 1. Define a scrolling region that extends from the top of the prompt area all the way to the top of scrollback 2. Scroll that region up by N < (screen_height - viewport_height) lines, in this PR N=1 3. Put our cursor at the top of the newly empty region 4. Print out our new text like normal The terminal interactions here (write_spans and its dependencies) are mostly extracted from ratatui.
2025-07-28 07:45:49 -07:00
checksum = "dec551ab6e7578819132c713a93c022a05d60159dc86e7a7050223577484c55a"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"rustversion",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "cbc"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "26b52a9543ae338f279b96b0b9fed9c8093744685043739079ce85cd58f289a6"
dependencies = [
"cipher",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "cc"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.2.30"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "deec109607ca693028562ed836a5f1c4b8bd77755c4e132fc5ce11b0b6211ae7"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"shlex",
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "cesu8"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6d43a04d8753f35258c91f8ec639f792891f748a1edbd759cf1dcea3382ad83c"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "cfg-if"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.0.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "9555578bc9e57714c812a1f84e4fc5b4d21fcb063490c624de019f7464c91268"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "cfg_aliases"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fd16c4719339c4530435d38e511904438d07cce7950afa3718a84ac36c10e89e"
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
[[package]]
name = "cfg_aliases"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "613afe47fcd5fac7ccf1db93babcb082c5994d996f20b8b159f2ad1658eb5724"
Fix: Improve text encoding for shell output in VSCode preview (#6178) (#6182) ## 🐛 Problem Users running commands with non-ASCII characters (like Russian text "пример") in Windows/WSL environments experience garbled text in VSCode's shell preview window, with Unicode replacement characters (�) appearing instead of the actual text. **Issue**: https://github.com/openai/codex/issues/6178 ## 🔧 Root Cause The issue was in `StreamOutput<Vec<u8>>::from_utf8_lossy()` method in `codex-rs/core/src/exec.rs`, which used `String::from_utf8_lossy()` to convert shell output bytes to strings. This function immediately replaces any invalid UTF-8 byte sequences with replacement characters, without attempting to decode using other common encodings. In Windows/WSL environments, shell output often uses encodings like: - Windows-1252 (common Windows encoding) - Latin-1/ISO-8859-1 (extended ASCII) ## 🛠️ Solution Replaced the simple `String::from_utf8_lossy()` call with intelligent encoding detection via a new `bytes_to_string_smart()` function that tries multiple encoding strategies: 1. **UTF-8** (fast path for valid UTF-8) 2. **Windows-1252** (handles Windows-specific characters in 0x80-0x9F range) 3. **Latin-1** (fallback for extended ASCII) 4. **Lossy UTF-8** (final fallback, same as before) ## 📁 Changes ### New Files - `codex-rs/core/src/text_encoding.rs` - Smart encoding detection module - `codex-rs/core/tests/suite/text_encoding_fix.rs` - Integration tests ### Modified Files - `codex-rs/core/src/lib.rs` - Added text_encoding module - `codex-rs/core/src/exec.rs` - Updated StreamOutput::from_utf8_lossy() - `codex-rs/core/tests/suite/mod.rs` - Registered new test module ## ✅ Testing - **5 unit tests** covering UTF-8, Windows-1252, Latin-1, and fallback scenarios - **2 integration tests** simulating the exact Issue #6178 scenario - **Demonstrates improvement** over the previous `String::from_utf8_lossy()` approach All tests pass: ```bash cargo test -p codex-core text_encoding cargo test -p codex-core test_shell_output_encoding_issue_6178 ``` ## 🎯 Impact - ✅ **Eliminates garbled text** in VSCode shell preview for non-ASCII content - ✅ **Supports Windows/WSL environments** with proper encoding detection - ✅ **Zero performance impact** for UTF-8 text (fast path) - ✅ **Backward compatible** - UTF-8 content works exactly as before - ✅ **Handles edge cases** with robust fallback mechanism ## 🧪 Test Scenarios The fix has been tested with: - Russian text ("пример") - Windows-1252 quotation marks (""test") - Latin-1 accented characters ("café") - Mixed encoding content - Invalid byte sequences (graceful fallback) ## 📋 Checklist - [X] Addresses the reported issue - [X] Includes comprehensive tests - [X] Maintains backward compatibility - [X] Follows project coding conventions - [X] No breaking changes --------- Co-authored-by: Josh McKinney <joshka@openai.com>
2025-11-21 03:04:11 +08:00
[[package]]
name = "chardetng"
version = "0.1.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "14b8f0b65b7b08ae3c8187e8d77174de20cb6777864c6b832d8ad365999cf1ea"
dependencies = [
"cfg-if",
"encoding_rs",
"memchr",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "chrono"
chore(deps): bump chrono from 0.4.41 to 0.4.42 in /codex-rs (#4028) Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.41 to 0.4.42. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.42</h2> <h2>What's Changed</h2> <ul> <li>Add fuzzer for DateTime::parse_from_str by <a href="https://github.com/tyler92"><code>@​tyler92</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1700">chronotope/chrono#1700</a></li> <li>Fix wrong amount of micro/milliseconds by <a href="https://github.com/nmlt"><code>@​nmlt</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1703">chronotope/chrono#1703</a></li> <li>Add warning about MappedLocalTime and wasm by <a href="https://github.com/lutzky"><code>@​lutzky</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1702">chronotope/chrono#1702</a></li> <li>Fix incorrect parsing of fixed-length second fractions by <a href="https://github.com/chris-leach"><code>@​chris-leach</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1705">chronotope/chrono#1705</a></li> <li>Fix cfgs for <code>wasm32-linux</code> support by <a href="https://github.com/arjunr2"><code>@​arjunr2</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1707">chronotope/chrono#1707</a></li> <li>Fix OpenHarmony's <code>tzdata</code> parsing by <a href="https://github.com/ldm0"><code>@​ldm0</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1679">chronotope/chrono#1679</a></li> <li>Convert NaiveDate to/from days since unix epoch by <a href="https://github.com/findepi"><code>@​findepi</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1715">chronotope/chrono#1715</a></li> <li>Add <code>?Sized</code> bound to related methods of <code>DelayedFormat::write_to</code> by <a href="https://github.com/Huliiiiii"><code>@​Huliiiiii</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1721">chronotope/chrono#1721</a></li> <li>Add <code>from_timestamp_secs</code> method to <code>DateTime</code> by <a href="https://github.com/jasonaowen"><code>@​jasonaowen</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1719">chronotope/chrono#1719</a></li> <li>Migrate to core::error::Error by <a href="https://github.com/benbrittain"><code>@​benbrittain</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1704">chronotope/chrono#1704</a></li> <li>Upgrade to windows-bindgen 0.63 by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1730">chronotope/chrono#1730</a></li> <li>strftime: simplify error handling by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1731">chronotope/chrono#1731</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chronotope/chrono/commit/f3fd15f976c8c8e56d97eda6237af4d485ba2297"><code>f3fd15f</code></a> Bump version to 0.4.42</li> <li><a href="https://github.com/chronotope/chrono/commit/5cf56035007f291b1b8f457fa3bfc79fb367419a"><code>5cf5603</code></a> strftime: add regression test case</li> <li><a href="https://github.com/chronotope/chrono/commit/a6231701ee934cbbeb595fe71328fcbbf1b584d5"><code>a623170</code></a> strftime: simplify error handling</li> <li><a href="https://github.com/chronotope/chrono/commit/36fbfb1221da05b1482eb9dd18254e6bd736cb31"><code>36fbfb1</code></a> strftime: move specifier handling out of match to reduce rightward drift</li> <li><a href="https://github.com/chronotope/chrono/commit/7f413c363b74e293d495dc6109335c02dda9d629"><code>7f413c3</code></a> strftime: yield None early</li> <li><a href="https://github.com/chronotope/chrono/commit/9d5dfe164098186bfff8af7d5eecbb05d7712d4d"><code>9d5dfe1</code></a> strftime: outline constants</li> <li><a href="https://github.com/chronotope/chrono/commit/e5f6be7db4a0c2756cad0a7c8186a5a180873f7a"><code>e5f6be7</code></a> strftime: move error() method below caller</li> <li><a href="https://github.com/chronotope/chrono/commit/d516c2764d74e467fa37e25e8e88d5633478bafa"><code>d516c27</code></a> strftime: merge impl blocks</li> <li><a href="https://github.com/chronotope/chrono/commit/0ee2172fb92df4e0be4cf7a733c860226eec37a0"><code>0ee2172</code></a> strftime: re-order items to keep impls together</li> <li><a href="https://github.com/chronotope/chrono/commit/757a8b0226e9c0a23b5334c7dc0986f1e487b8ac"><code>757a8b0</code></a> Upgrade to windows-bindgen 0.63</li> <li>Additional commits viewable in <a href="https://github.com/chronotope/chrono/compare/v0.4.41...v0.4.42">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chrono&package-manager=cargo&previous-version=0.4.41&new-version=0.4.42)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-24 16:53:26 +00:00
version = "0.4.42"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump chrono from 0.4.41 to 0.4.42 in /codex-rs (#4028) Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.41 to 0.4.42. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.42</h2> <h2>What's Changed</h2> <ul> <li>Add fuzzer for DateTime::parse_from_str by <a href="https://github.com/tyler92"><code>@​tyler92</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1700">chronotope/chrono#1700</a></li> <li>Fix wrong amount of micro/milliseconds by <a href="https://github.com/nmlt"><code>@​nmlt</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1703">chronotope/chrono#1703</a></li> <li>Add warning about MappedLocalTime and wasm by <a href="https://github.com/lutzky"><code>@​lutzky</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1702">chronotope/chrono#1702</a></li> <li>Fix incorrect parsing of fixed-length second fractions by <a href="https://github.com/chris-leach"><code>@​chris-leach</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1705">chronotope/chrono#1705</a></li> <li>Fix cfgs for <code>wasm32-linux</code> support by <a href="https://github.com/arjunr2"><code>@​arjunr2</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1707">chronotope/chrono#1707</a></li> <li>Fix OpenHarmony's <code>tzdata</code> parsing by <a href="https://github.com/ldm0"><code>@​ldm0</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1679">chronotope/chrono#1679</a></li> <li>Convert NaiveDate to/from days since unix epoch by <a href="https://github.com/findepi"><code>@​findepi</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1715">chronotope/chrono#1715</a></li> <li>Add <code>?Sized</code> bound to related methods of <code>DelayedFormat::write_to</code> by <a href="https://github.com/Huliiiiii"><code>@​Huliiiiii</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1721">chronotope/chrono#1721</a></li> <li>Add <code>from_timestamp_secs</code> method to <code>DateTime</code> by <a href="https://github.com/jasonaowen"><code>@​jasonaowen</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1719">chronotope/chrono#1719</a></li> <li>Migrate to core::error::Error by <a href="https://github.com/benbrittain"><code>@​benbrittain</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1704">chronotope/chrono#1704</a></li> <li>Upgrade to windows-bindgen 0.63 by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1730">chronotope/chrono#1730</a></li> <li>strftime: simplify error handling by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1731">chronotope/chrono#1731</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chronotope/chrono/commit/f3fd15f976c8c8e56d97eda6237af4d485ba2297"><code>f3fd15f</code></a> Bump version to 0.4.42</li> <li><a href="https://github.com/chronotope/chrono/commit/5cf56035007f291b1b8f457fa3bfc79fb367419a"><code>5cf5603</code></a> strftime: add regression test case</li> <li><a href="https://github.com/chronotope/chrono/commit/a6231701ee934cbbeb595fe71328fcbbf1b584d5"><code>a623170</code></a> strftime: simplify error handling</li> <li><a href="https://github.com/chronotope/chrono/commit/36fbfb1221da05b1482eb9dd18254e6bd736cb31"><code>36fbfb1</code></a> strftime: move specifier handling out of match to reduce rightward drift</li> <li><a href="https://github.com/chronotope/chrono/commit/7f413c363b74e293d495dc6109335c02dda9d629"><code>7f413c3</code></a> strftime: yield None early</li> <li><a href="https://github.com/chronotope/chrono/commit/9d5dfe164098186bfff8af7d5eecbb05d7712d4d"><code>9d5dfe1</code></a> strftime: outline constants</li> <li><a href="https://github.com/chronotope/chrono/commit/e5f6be7db4a0c2756cad0a7c8186a5a180873f7a"><code>e5f6be7</code></a> strftime: move error() method below caller</li> <li><a href="https://github.com/chronotope/chrono/commit/d516c2764d74e467fa37e25e8e88d5633478bafa"><code>d516c27</code></a> strftime: merge impl blocks</li> <li><a href="https://github.com/chronotope/chrono/commit/0ee2172fb92df4e0be4cf7a733c860226eec37a0"><code>0ee2172</code></a> strftime: re-order items to keep impls together</li> <li><a href="https://github.com/chronotope/chrono/commit/757a8b0226e9c0a23b5334c7dc0986f1e487b8ac"><code>757a8b0</code></a> Upgrade to windows-bindgen 0.63</li> <li>Additional commits viewable in <a href="https://github.com/chronotope/chrono/compare/v0.4.41...v0.4.42">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chrono&package-manager=cargo&previous-version=0.4.41&new-version=0.4.42)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-24 16:53:26 +00:00
checksum = "145052bdd345b87320e369255277e3fb5152762ad123a901ef5c262dd38fe8d2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"iana-time-zone",
"js-sys",
"num-traits",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"serde",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"wasm-bindgen",
chore(deps): bump chrono from 0.4.41 to 0.4.42 in /codex-rs (#4028) Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.41 to 0.4.42. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.42</h2> <h2>What's Changed</h2> <ul> <li>Add fuzzer for DateTime::parse_from_str by <a href="https://github.com/tyler92"><code>@​tyler92</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1700">chronotope/chrono#1700</a></li> <li>Fix wrong amount of micro/milliseconds by <a href="https://github.com/nmlt"><code>@​nmlt</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1703">chronotope/chrono#1703</a></li> <li>Add warning about MappedLocalTime and wasm by <a href="https://github.com/lutzky"><code>@​lutzky</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1702">chronotope/chrono#1702</a></li> <li>Fix incorrect parsing of fixed-length second fractions by <a href="https://github.com/chris-leach"><code>@​chris-leach</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1705">chronotope/chrono#1705</a></li> <li>Fix cfgs for <code>wasm32-linux</code> support by <a href="https://github.com/arjunr2"><code>@​arjunr2</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1707">chronotope/chrono#1707</a></li> <li>Fix OpenHarmony's <code>tzdata</code> parsing by <a href="https://github.com/ldm0"><code>@​ldm0</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1679">chronotope/chrono#1679</a></li> <li>Convert NaiveDate to/from days since unix epoch by <a href="https://github.com/findepi"><code>@​findepi</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1715">chronotope/chrono#1715</a></li> <li>Add <code>?Sized</code> bound to related methods of <code>DelayedFormat::write_to</code> by <a href="https://github.com/Huliiiiii"><code>@​Huliiiiii</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1721">chronotope/chrono#1721</a></li> <li>Add <code>from_timestamp_secs</code> method to <code>DateTime</code> by <a href="https://github.com/jasonaowen"><code>@​jasonaowen</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1719">chronotope/chrono#1719</a></li> <li>Migrate to core::error::Error by <a href="https://github.com/benbrittain"><code>@​benbrittain</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1704">chronotope/chrono#1704</a></li> <li>Upgrade to windows-bindgen 0.63 by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1730">chronotope/chrono#1730</a></li> <li>strftime: simplify error handling by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1731">chronotope/chrono#1731</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chronotope/chrono/commit/f3fd15f976c8c8e56d97eda6237af4d485ba2297"><code>f3fd15f</code></a> Bump version to 0.4.42</li> <li><a href="https://github.com/chronotope/chrono/commit/5cf56035007f291b1b8f457fa3bfc79fb367419a"><code>5cf5603</code></a> strftime: add regression test case</li> <li><a href="https://github.com/chronotope/chrono/commit/a6231701ee934cbbeb595fe71328fcbbf1b584d5"><code>a623170</code></a> strftime: simplify error handling</li> <li><a href="https://github.com/chronotope/chrono/commit/36fbfb1221da05b1482eb9dd18254e6bd736cb31"><code>36fbfb1</code></a> strftime: move specifier handling out of match to reduce rightward drift</li> <li><a href="https://github.com/chronotope/chrono/commit/7f413c363b74e293d495dc6109335c02dda9d629"><code>7f413c3</code></a> strftime: yield None early</li> <li><a href="https://github.com/chronotope/chrono/commit/9d5dfe164098186bfff8af7d5eecbb05d7712d4d"><code>9d5dfe1</code></a> strftime: outline constants</li> <li><a href="https://github.com/chronotope/chrono/commit/e5f6be7db4a0c2756cad0a7c8186a5a180873f7a"><code>e5f6be7</code></a> strftime: move error() method below caller</li> <li><a href="https://github.com/chronotope/chrono/commit/d516c2764d74e467fa37e25e8e88d5633478bafa"><code>d516c27</code></a> strftime: merge impl blocks</li> <li><a href="https://github.com/chronotope/chrono/commit/0ee2172fb92df4e0be4cf7a733c860226eec37a0"><code>0ee2172</code></a> strftime: re-order items to keep impls together</li> <li><a href="https://github.com/chronotope/chrono/commit/757a8b0226e9c0a23b5334c7dc0986f1e487b8ac"><code>757a8b0</code></a> Upgrade to windows-bindgen 0.63</li> <li>Additional commits viewable in <a href="https://github.com/chronotope/chrono/compare/v0.4.41...v0.4.42">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chrono&package-manager=cargo&previous-version=0.4.41&new-version=0.4.42)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-24 16:53:26 +00:00
"windows-link 0.2.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "chunked_transfer"
version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6e4de3bc4ea267985becf712dc6d9eed8b04c953b3fcfb339ebc87acd9804901"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "cipher"
version = "0.4.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad"
dependencies = [
"crypto-common",
"inout",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "clap"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "4.5.47"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "7eac00902d9d136acd712710d71823fb8ac8004ca445a89e73a41d45aa712931"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"clap_builder",
"clap_derive",
]
[[package]]
name = "clap_builder"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "4.5.47"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "2ad9bbf750e73b5884fb8a211a9424a1906c1e156724260fdae972f31d70e1d6"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"anstream",
"anstyle",
"clap_lex",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"strsim 0.11.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"terminal_size",
]
feat: add `codex completion` to generate shell completions (#1491) Once this lands, we can update our brew formula to use `generate_completions_from_executable()` like so: https://github.com/Homebrew/homebrew-core/blob/905238ff7f8f48fdc6f4ae2a9fbdd364bf7c7f9d/Formula/h/hgrep.rb#L21-L25
2025-07-08 21:43:27 -07:00
[[package]]
name = "clap_complete"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "4.5.57"
feat: add `codex completion` to generate shell completions (#1491) Once this lands, we can update our brew formula to use `generate_completions_from_executable()` like so: https://github.com/Homebrew/homebrew-core/blob/905238ff7f8f48fdc6f4ae2a9fbdd364bf7c7f9d/Formula/h/hgrep.rb#L21-L25
2025-07-08 21:43:27 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "4d9501bd3f5f09f7bbee01da9a511073ed30a80cd7a509f1214bb74eadea71ad"
feat: add `codex completion` to generate shell completions (#1491) Once this lands, we can update our brew formula to use `generate_completions_from_executable()` like so: https://github.com/Homebrew/homebrew-core/blob/905238ff7f8f48fdc6f4ae2a9fbdd364bf7c7f9d/Formula/h/hgrep.rb#L21-L25
2025-07-08 21:43:27 -07:00
dependencies = [
"clap",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "clap_derive"
chore(deps): bump clap from 4.5.45 to 4.5.47 in /codex-rs (#3296) Bumps [clap](https://github.com/clap-rs/clap) from 4.5.45 to 4.5.47. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p> <blockquote> <h2>v4.5.47</h2> <h2>[4.5.47] - 2025-09-02</h2> <h3>Features</h3> <ul> <li>Added <code>impl FromArgMatches for ()</code></li> <li>Added <code>impl Args for ()</code></li> <li>Added <code>impl Subcommand for ()</code></li> <li>Added <code>impl FromArgMatches for Infallible</code></li> <li>Added <code>impl Subcommand for Infallible</code></li> </ul> <h3>Fixes</h3> <ul> <li><em>(derive)</em> Update runtime error text to match <code>clap</code></li> </ul> <h2>v4.5.46</h2> <h2>[4.5.46] - 2025-08-26</h2> <h3>Features</h3> <ul> <li>Expose <code>StyledStr::push_str</code></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.5.47] - 2025-09-02</h2> <h3>Features</h3> <ul> <li>Added <code>impl FromArgMatches for ()</code></li> <li>Added <code>impl Args for ()</code></li> <li>Added <code>impl Subcommand for ()</code></li> <li>Added <code>impl FromArgMatches for Infallible</code></li> <li>Added <code>impl Subcommand for Infallible</code></li> </ul> <h3>Fixes</h3> <ul> <li><em>(derive)</em> Update runtime error text to match <code>clap</code></li> </ul> <h2>[4.5.46] - 2025-08-26</h2> <h3>Features</h3> <ul> <li>Expose <code>StyledStr::push_str</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/clap-rs/clap/commit/f046ca6a2b2da2ee0a46cb46544cebaba9f9a45a"><code>f046ca6</code></a> chore: Release</li> <li><a href="https://github.com/clap-rs/clap/commit/436949dde1cba64b565b78b7562cda7c6365665d"><code>436949d</code></a> docs: Update changelog</li> <li><a href="https://github.com/clap-rs/clap/commit/1ddab84c3243908f4869d5587fe6bd262036a4d5"><code>1ddab84</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5954">#5954</a> from epage/tests</li> <li><a href="https://github.com/clap-rs/clap/commit/8a66dbf7c2c6ca050a65468180bc55a9d8425654"><code>8a66dbf</code></a> test(complete): Add more native cases</li> <li><a href="https://github.com/clap-rs/clap/commit/76465cf22381d9bcf188e35a259225509cebefd4"><code>76465cf</code></a> test(complete): Make things more consistent</li> <li><a href="https://github.com/clap-rs/clap/commit/232cedbe76e861c7cf0a4a7d6c1b79f4dc9a7191"><code>232cedb</code></a> test(complete): Remove redundant index</li> <li><a href="https://github.com/clap-rs/clap/commit/02244a69a3befca1a9bf488b1c258945ae53cfb0"><code>02244a6</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5949">#5949</a> from krobelus/option-name-completions-after-positionals</li> <li><a href="https://github.com/clap-rs/clap/commit/2e13847533d458991e3353b373e679ab65f1c8c3"><code>2e13847</code></a> fix(complete): Missing options in multi-val arg</li> <li><a href="https://github.com/clap-rs/clap/commit/74388d784b999da1f67a12b3481b4478b3d597bc"><code>74388d7</code></a> test(complete): Multi-valued, unbounded positional</li> <li><a href="https://github.com/clap-rs/clap/commit/5b3d45f72c94a4ce2a5a1837d2b40d58b22db1ff"><code>5b3d45f</code></a> refactor(complete): Extract function for options</li> <li>Additional commits viewable in <a href="https://github.com/clap-rs/clap/compare/clap_complete-v4.5.45...clap_complete-v4.5.47">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=clap&package-manager=cargo&previous-version=4.5.45&new-version=4.5.47)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:24:36 -07:00
version = "4.5.47"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump clap from 4.5.45 to 4.5.47 in /codex-rs (#3296) Bumps [clap](https://github.com/clap-rs/clap) from 4.5.45 to 4.5.47. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/releases">clap's releases</a>.</em></p> <blockquote> <h2>v4.5.47</h2> <h2>[4.5.47] - 2025-09-02</h2> <h3>Features</h3> <ul> <li>Added <code>impl FromArgMatches for ()</code></li> <li>Added <code>impl Args for ()</code></li> <li>Added <code>impl Subcommand for ()</code></li> <li>Added <code>impl FromArgMatches for Infallible</code></li> <li>Added <code>impl Subcommand for Infallible</code></li> </ul> <h3>Fixes</h3> <ul> <li><em>(derive)</em> Update runtime error text to match <code>clap</code></li> </ul> <h2>v4.5.46</h2> <h2>[4.5.46] - 2025-08-26</h2> <h3>Features</h3> <ul> <li>Expose <code>StyledStr::push_str</code></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/clap-rs/clap/blob/master/CHANGELOG.md">clap's changelog</a>.</em></p> <blockquote> <h2>[4.5.47] - 2025-09-02</h2> <h3>Features</h3> <ul> <li>Added <code>impl FromArgMatches for ()</code></li> <li>Added <code>impl Args for ()</code></li> <li>Added <code>impl Subcommand for ()</code></li> <li>Added <code>impl FromArgMatches for Infallible</code></li> <li>Added <code>impl Subcommand for Infallible</code></li> </ul> <h3>Fixes</h3> <ul> <li><em>(derive)</em> Update runtime error text to match <code>clap</code></li> </ul> <h2>[4.5.46] - 2025-08-26</h2> <h3>Features</h3> <ul> <li>Expose <code>StyledStr::push_str</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/clap-rs/clap/commit/f046ca6a2b2da2ee0a46cb46544cebaba9f9a45a"><code>f046ca6</code></a> chore: Release</li> <li><a href="https://github.com/clap-rs/clap/commit/436949dde1cba64b565b78b7562cda7c6365665d"><code>436949d</code></a> docs: Update changelog</li> <li><a href="https://github.com/clap-rs/clap/commit/1ddab84c3243908f4869d5587fe6bd262036a4d5"><code>1ddab84</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5954">#5954</a> from epage/tests</li> <li><a href="https://github.com/clap-rs/clap/commit/8a66dbf7c2c6ca050a65468180bc55a9d8425654"><code>8a66dbf</code></a> test(complete): Add more native cases</li> <li><a href="https://github.com/clap-rs/clap/commit/76465cf22381d9bcf188e35a259225509cebefd4"><code>76465cf</code></a> test(complete): Make things more consistent</li> <li><a href="https://github.com/clap-rs/clap/commit/232cedbe76e861c7cf0a4a7d6c1b79f4dc9a7191"><code>232cedb</code></a> test(complete): Remove redundant index</li> <li><a href="https://github.com/clap-rs/clap/commit/02244a69a3befca1a9bf488b1c258945ae53cfb0"><code>02244a6</code></a> Merge pull request <a href="https://redirect.github.com/clap-rs/clap/issues/5949">#5949</a> from krobelus/option-name-completions-after-positionals</li> <li><a href="https://github.com/clap-rs/clap/commit/2e13847533d458991e3353b373e679ab65f1c8c3"><code>2e13847</code></a> fix(complete): Missing options in multi-val arg</li> <li><a href="https://github.com/clap-rs/clap/commit/74388d784b999da1f67a12b3481b4478b3d597bc"><code>74388d7</code></a> test(complete): Multi-valued, unbounded positional</li> <li><a href="https://github.com/clap-rs/clap/commit/5b3d45f72c94a4ce2a5a1837d2b40d58b22db1ff"><code>5b3d45f</code></a> refactor(complete): Extract function for options</li> <li>Additional commits viewable in <a href="https://github.com/clap-rs/clap/compare/clap_complete-v4.5.45...clap_complete-v4.5.47">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=clap&package-manager=cargo&previous-version=4.5.45&new-version=4.5.47)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:24:36 -07:00
checksum = "bbfd7eae0b0f1a6e63d4b13c9c478de77c2eb546fba158ad50b4203dc24b9f9c"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"heck",
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "clap_lex"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.7.5"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "b94f61472cee1439c0b966b47e3aca9ae07e45d070759512cd390ea2bebc6675"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "clipboard-win"
fix: correctly wrap history items (#1685) The overall idea here is: skip ratatui for writing into scrollback, because its primitives are wrong. We want to render full lines of text, that will be wrapped natively by the terminal, and which we never plan to update using ratatui (so the `Buffer` struct is overhead and in fact an inhibition). Instead, we use ANSI scrolling regions (link reference doc to come). Essentially, we: 1. Define a scrolling region that extends from the top of the prompt area all the way to the top of scrollback 2. Scroll that region up by N < (screen_height - viewport_height) lines, in this PR N=1 3. Put our cursor at the top of the newly empty region 4. Print out our new text like normal The terminal interactions here (write_spans and its dependencies) are mostly extracted from ratatui.
2025-07-28 07:45:49 -07:00
version = "5.4.1"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: correctly wrap history items (#1685) The overall idea here is: skip ratatui for writing into scrollback, because its primitives are wrong. We want to render full lines of text, that will be wrapped natively by the terminal, and which we never plan to update using ratatui (so the `Buffer` struct is overhead and in fact an inhibition). Instead, we use ANSI scrolling regions (link reference doc to come). Essentially, we: 1. Define a scrolling region that extends from the top of the prompt area all the way to the top of scrollback 2. Scroll that region up by N < (screen_height - viewport_height) lines, in this PR N=1 3. Put our cursor at the top of the newly empty region 4. Print out our new text like normal The terminal interactions here (write_spans and its dependencies) are mostly extracted from ratatui.
2025-07-28 07:45:49 -07:00
checksum = "bde03770d3df201d4fb868f2c9c59e66a3e4e2bd06692a0fe701e7103c7e84d4"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
dependencies = [
"error-code",
]
[[package]]
name = "cmp_any"
version = "0.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e9b18233253483ce2f65329a24072ec414db782531bdbb7d0bbc4bd2ce6b7e21"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "codex-ansi-escape"
Update submodules version to come from the workspace (#850) Tie the version of submodules to the workspace version.
2025-05-07 10:08:06 -07:00
version = "0.0.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"ansi-to-tui",
"ratatui",
"tracing",
]
chore: proper client extraction (#6996)
2025-11-25 18:06:12 +00:00
[[package]]
name = "codex-api"
version = "0.0.0"
dependencies = [
"anyhow",
"assert_matches",
"async-trait",
"bytes",
"codex-client",
"codex-protocol",
"eventsource-stream",
"futures",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
chore: proper client extraction (#6996)
2025-11-25 18:06:12 +00:00
"pretty_assertions",
"regex-lite",
Add models endpoint (#7603) - Use the codex-api crate to introduce models endpoint. - Add `models` to codex core tests helpers - Add `ModelsInfo` for the endpoint return type
2025-12-04 12:57:54 -08:00
"reqwest",
chore: proper client extraction (#6996)
2025-11-25 18:06:12 +00:00
"serde",
"serde_json",
"thiserror 2.0.17",
"tokio",
"tokio-test",
"tokio-util",
"tracing",
Add models endpoint (#7603) - Use the codex-api crate to introduce models endpoint. - Add `models` to codex core tests helpers - Add `ModelsInfo` for the endpoint return type
2025-12-04 12:57:54 -08:00
"wiremock",
chore: proper client extraction (#6996)
2025-11-25 18:06:12 +00:00
]
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
[[package]]
name = "codex-app-server"
version = "0.0.0"
dependencies = [
"anyhow",
"app_test_support",
"assert_cmd",
"base64",
[app-server] read rate limits API (#5302) Adds a `GET account/rateLimits/read` API to app-server. This calls the codex backend to fetch the user's current rate limits. This would be helpful in checking rate limits without having to send a message. For calling the codex backend usage API, I generated the types and manually copied the relevant ones into `codex-backend-openapi-types`. It'll be nice to extend our internal openapi generator to support Rust so we don't have to run these manual steps. # External (non-OpenAI) Pull Request Requirements Before opening this Pull Request, please read the dedicated "Contributing" markdown file or your PR may be closed: https://github.com/openai/codex/blob/main/docs/contributing.md If your PR conforms to our contribution guidelines, replace this text with a detailed and high quality description of your changes.
2025-10-20 14:11:54 -07:00
"chrono",
fix: remove mcp-types from app server protocol (#4537) We continue the separation between `codex app-server` and `codex mcp-server`. In particular, we introduce a new crate, `codex-app-server-protocol`, and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it `codex-rs/app-server-protocol/src/protocol.rs`. Because `ConversationId` was defined in `mcp_protocol.rs`, we move it into its own file, `codex-rs/protocol/src/conversation_id.rs`, and because it is referenced in a ton of places, we have to touch a lot of files as part of this PR. We also decide to get away from proper JSON-RPC 2.0 semantics, so we also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which is basically the same `JSONRPCMessage` type defined in `mcp-types` except with all of the `"jsonrpc": "2.0"` removed. Getting rid of `"jsonrpc": "2.0"` makes our serialization logic considerably simpler, as we can lean heavier on serde to serialize directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
"codex-app-server-protocol",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
"codex-arg0",
[app-server] read rate limits API (#5302) Adds a `GET account/rateLimits/read` API to app-server. This calls the codex backend to fetch the user's current rate limits. This would be helpful in checking rate limits without having to send a message. For calling the codex backend usage API, I generated the types and manually copied the relevant ones into `codex-backend-openapi-types`. It'll be nice to extend our internal openapi generator to support Rust so we don't have to run these manual steps. # External (non-OpenAI) Pull Request Requirements Before opening this Pull Request, please read the dedicated "Contributing" markdown file or your PR may be closed: https://github.com/openai/codex/blob/main/docs/contributing.md If your PR conforms to our contribution guidelines, replace this text with a detailed and high quality description of your changes.
2025-10-20 14:11:54 -07:00
"codex-backend-client",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
"codex-common",
"codex-core",
Add feedback upload request handling (#5682)
2025-10-26 22:53:39 -07:00
"codex-feedback",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
"codex-file-search",
"codex-login",
"codex-protocol",
feat: support mcp in-session login (#7751) ### Summary * Added `mcpServer/oauthLogin` in app server for supporting in session MCP server login * Added `McpServerOauthLoginParams` and `McpServerOauthLoginResponse` to support above method with response returning the auth URL for consumer to open browser or display accordingly. * Added `McpServerOauthLoginCompletedNotification` which the app server would emit on MCP server login success or failure (i.e. timeout). * Refactored rmcp-client oath_login to have the ability on starting a auth server which the codex_message_processor uses for in-session auth.
2025-12-09 17:43:53 -08:00
"codex-rmcp-client",
feat: change ConfigLayerName into a disjoint union rather than a simple enum (#8095) This attempts to tighten up the types related to "config layers." Currently, `ConfigLayerEntry` is defined as follows: https://github.com/openai/codex/blob/bef36f4ae765f471d7cd69372fcf1b92c8f0367a/codex-rs/core/src/config_loader/state.rs#L19-L25 but the `source` field is a bit of a lie, as: - for `ConfigLayerName::Mdm`, it is `"com.openai.codex/config_toml_base64"` - for `ConfigLayerName::SessionFlags`, it is `"--config"` - for `ConfigLayerName::User`, it is `"config.toml"` (just the file name, not the path to the `config.toml` on disk that was read) - for `ConfigLayerName::System`, it seems like it is usually `/etc/codex/managed_config.toml` in practice, though on Windows, it is `%CODEX_HOME%/managed_config.toml`: https://github.com/openai/codex/blob/bef36f4ae765f471d7cd69372fcf1b92c8f0367a/codex-rs/core/src/config_loader/layer_io.rs#L84-L101 All that is to say, in three out of the four `ConfigLayerName`, `source` is a `PathBuf` that is not an absolute path (or even a true path). This PR tries to uplevel things by eliminating `source` from `ConfigLayerEntry` and turning `ConfigLayerName` into a disjoint union named `ConfigLayerSource` that has the appropriate metadata for each variant, favoring the use of `AbsolutePathBuf` where appropriate: ```rust pub enum ConfigLayerSource { /// Managed preferences layer delivered by MDM (macOS only). #[serde(rename_all = "camelCase")] #[ts(rename_all = "camelCase")] Mdm { domain: String, key: String }, /// Managed config layer from a file (usually `managed_config.toml`). #[serde(rename_all = "camelCase")] #[ts(rename_all = "camelCase")] System { file: AbsolutePathBuf }, /// Session-layer overrides supplied via `-c`/`--config`. SessionFlags, /// User config layer from a file (usually `config.toml`). #[serde(rename_all = "camelCase")] #[ts(rename_all = "camelCase")] User { file: AbsolutePathBuf }, } ```
2025-12-17 08:13:59 -08:00
"codex-utils-absolute-path",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
"codex-utils-json-to-toml",
"core_test_support",
[App server] add mcp tool call item started/completed events (#6642) this PR does two things: 1. refactor `apply_bespoke_event_handling` into a separate file as it's getting kind of long; 2. add mcp tool call `item/started` and `item/completed` events. To roll out app server events asap we didn't properly migrate mcp core events to use TurnItem for mcp tool calls - this will be a follow-up PR. real events generated in log: ``` { "method": "codex/event/mcp_tool_call_end", "params": { "conversationId": "019a8021-26af-7c20-83db-21ca81e44d68", "id": "0", "msg": { "call_id": "call_7EjRQkD9HnfyMWf7tGrT9FKA", "duration": { "nanos": 92708, "secs": 0 }, "invocation": { "arguments": { "server": "" }, "server": "codex", "tool": "list_mcp_resources" }, "result": { "Ok": { "content": [ { "text": "{\"resources\":[]}", "type": "text" } ], "isError": false } }, "type": "mcp_tool_call_end" } } } { "method": "item/completed", "params": { "item": { "arguments": { "server": "" }, "error": null, "id": "call_7EjRQkD9HnfyMWf7tGrT9FKA", "result": { "content": [ { "text": "{\"resources\":[]}", "type": "text" } ], "structuredContent": null }, "server": "codex", "status": "completed", "tool": "list_mcp_resources", "type": "mcpToolCall" } } } ```
2025-11-14 08:08:43 -08:00
"mcp-types",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
"os_info",
"pretty_assertions",
"serde",
"serde_json",
Fixed flaky unit test (#5654) This PR fixes a test that is sporadically failing in CI. The problem is that two unit tests (the older `login_and_cancel_chatgpt` and a recently added `login_chatgpt_includes_forced_workspace_query_param`) exercise code paths that start the login server. The server binds to a hard-coded localhost port number, so attempts to start more than one server at the same time will fail. If these two tests happen to run concurrently, one of them will fail. To fix this, I've added a simple mutex. We can use this same mutex for future tests that use the same pattern.
2025-10-24 18:31:24 -05:00
"serial_test",
Migrate coverage to shell_command (#7042)
2025-11-20 19:44:00 -08:00
"shlex",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
"tempfile",
"tokio",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"toml 0.9.5",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
"tracing",
"tracing-subscriber",
"uuid",
"wiremock",
]
fix: remove mcp-types from app server protocol (#4537) We continue the separation between `codex app-server` and `codex mcp-server`. In particular, we introduce a new crate, `codex-app-server-protocol`, and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it `codex-rs/app-server-protocol/src/protocol.rs`. Because `ConversationId` was defined in `mcp_protocol.rs`, we move it into its own file, `codex-rs/protocol/src/conversation_id.rs`, and because it is referenced in a ton of places, we have to touch a lot of files as part of this PR. We also decide to get away from proper JSON-RPC 2.0 semantics, so we also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which is basically the same `JSONRPCMessage` type defined in `mcp-types` except with all of the `"jsonrpc": "2.0"` removed. Getting rid of `"jsonrpc": "2.0"` makes our serialization logic considerably simpler, as we can lean heavier on serde to serialize directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
[[package]]
name = "codex-app-server-protocol"
version = "0.0.0"
dependencies = [
"anyhow",
Generate JSON schema for app-server protocol (#5063) Add annotations and an export script that let us generate app-server protocol types as typescript and JSONSchema. The script itself is a bit hacky because we need to manually label some of the types. Unfortunately it seems that enum variants don't get good names by default and end up with something like `EventMsg1`, `EventMsg2`, etc. I'm not an expert in this by any means, but since this is only run manually and we already need to enumerate the types required to describe the protocol, it didn't seem that much worse. An ideal solution here would be to have some kind of root that we could generate schemas for in one go, but I'm not sure if that's compatible with how we generate the protocol today.
2025-10-20 11:45:11 -07:00
"clap",
fix: remove mcp-types from app server protocol (#4537) We continue the separation between `codex app-server` and `codex mcp-server`. In particular, we introduce a new crate, `codex-app-server-protocol`, and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it `codex-rs/app-server-protocol/src/protocol.rs`. Because `ConversationId` was defined in `mcp_protocol.rs`, we move it into its own file, `codex-rs/protocol/src/conversation_id.rs`, and because it is referenced in a ton of places, we have to touch a lot of files as part of this PR. We also decide to get away from proper JSON-RPC 2.0 semantics, so we also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which is basically the same `JSONRPCMessage` type defined in `mcp-types` except with all of the `"jsonrpc": "2.0"` removed. Getting rid of `"jsonrpc": "2.0"` makes our serialization logic considerably simpler, as we can lean heavier on serde to serialize directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
"codex-protocol",
fix: introduce AbsolutePathBuf as part of sandbox config (#7856) Changes the `writable_roots` field of the `WorkspaceWrite` variant of the `SandboxPolicy` enum from `Vec<PathBuf>` to `Vec<AbsolutePathBuf>`. This is helpful because now callers can be sure the value is an absolute path rather than a relative one. (Though when using an absolute path in a Seatbelt config policy, we still have to _canonicalize_ it first.) Because `writable_roots` can be read from a config file, it is important that we are able to resolve relative paths properly using the parent folder of the config file as the base path.
2025-12-12 15:25:22 -08:00
"codex-utils-absolute-path",
[app-server] feat: export.rs supports a v2 namespace, initial v2 notifications (#6212) **Typescript and JSON schema exports** While working on Thread/Turn/Items type definitions, I realize we will run into name conflicts between v1 and v2 APIs (e.g. `RateLimitWindow` which won't be reusable since v1 uses `RateLimitWindow` from `protocol/` which uses snake_case, but we want to expose camelCase everywhere, so we'll define a V2 version of that struct that serializes as camelCase). To set us up for a clean and isolated v2 API, generate types into a `v2/` namespace for both typescript and JSON schema. - TypeScript: v2 types emit under `out_dir/v2/*.ts`, and root index.ts now re-exports them via `export * as v2 from "./v2"`;. - JSON Schemas: v2 definitions bundle under `#/definitions/v2/*` rather than the root. The location for the original types (v1 and types pulled from `protocol/` and other core crates) haven't changed and are still at the root. This is for backwards compatibility: no breaking changes to existing usages of v1 APIs and types. **Notifications** While working on export.rs, I: - refactored server/client notifications with macros (like we already do for methods) so they also get exported (I noticed they weren't being exported at all). - removed the hardcoded list of types to export as JSON schema by leveraging the existing macros instead - and took a stab at API V2 notifications. These aren't wired up yet, and I expect to iterate on these this week.
2025-11-04 17:02:39 -08:00
"mcp-types",
fix: remove mcp-types from app server protocol (#4537) We continue the separation between `codex app-server` and `codex mcp-server`. In particular, we introduce a new crate, `codex-app-server-protocol`, and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it `codex-rs/app-server-protocol/src/protocol.rs`. Because `ConversationId` was defined in `mcp_protocol.rs`, we move it into its own file, `codex-rs/protocol/src/conversation_id.rs`, and because it is referenced in a ton of places, we have to touch a lot of files as part of this PR. We also decide to get away from proper JSON-RPC 2.0 semantics, so we also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which is basically the same `JSONRPCMessage` type defined in `mcp-types` except with all of the `"jsonrpc": "2.0"` removed. Getting rid of `"jsonrpc": "2.0"` makes our serialization logic considerably simpler, as we can lean heavier on serde to serialize directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
"pretty_assertions",
Generate JSON schema for app-server protocol (#5063) Add annotations and an export script that let us generate app-server protocol types as typescript and JSONSchema. The script itself is a bit hacky because we need to manually label some of the types. Unfortunately it seems that enum variants don't get good names by default and end up with something like `EventMsg1`, `EventMsg2`, etc. I'm not an expert in this by any means, but since this is only run manually and we already need to enumerate the types required to describe the protocol, it didn't seem that much worse. An ideal solution here would be to have some kind of root that we could generate schemas for in one go, but I'm not sure if that's compatible with how we generate the protocol today.
2025-10-20 11:45:11 -07:00
"schemars 0.8.22",
fix: remove mcp-types from app server protocol (#4537) We continue the separation between `codex app-server` and `codex mcp-server`. In particular, we introduce a new crate, `codex-app-server-protocol`, and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it `codex-rs/app-server-protocol/src/protocol.rs`. Because `ConversationId` was defined in `mcp_protocol.rs`, we move it into its own file, `codex-rs/protocol/src/conversation_id.rs`, and because it is referenced in a ton of places, we have to touch a lot of files as part of this PR. We also decide to get away from proper JSON-RPC 2.0 semantics, so we also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which is basically the same `JSONRPCMessage` type defined in `mcp-types` except with all of the `"jsonrpc": "2.0"` removed. Getting rid of `"jsonrpc": "2.0"` makes our serialization logic considerably simpler, as we can lean heavier on serde to serialize directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
"serde",
"serde_json",
"strum_macros 0.27.2",
[app-server & core] introduce new codex error code and v2 app-server error events (#6938) This PR does two things: 1. populate a new `codex_error_code` protocol in error events sent from core to client; 2. old v1 core events `codex/event/stream_error` and `codex/event/error` will now both become `error`. We also show codex error code for turncompleted -> error status. new events in app server test: ``` < { < "method": "codex/event/stream_error", < "params": { < "conversationId": "019aa34c-0c14-70e0-9706-98520a760d67", < "id": "0", < "msg": { < "codex_error_code": { < "response_stream_disconnected": { < "http_status_code": 401 < } < }, < "message": "Reconnecting... 2/5", < "type": "stream_error" < } < } < } { < "method": "error", < "params": { < "error": { < "codexErrorCode": { < "responseStreamDisconnected": { < "httpStatusCode": 401 < } < }, < "message": "Reconnecting... 2/5" < } < } < } < { < "method": "turn/completed", < "params": { < "turn": { < "error": { < "codexErrorCode": { < "responseTooManyFailedAttempts": { < "httpStatusCode": 401 < } < }, < "message": "exceeded retry limit, last status: 401 Unauthorized, request id: 9a1b495a1a97ed3e-SJC" < }, < "id": "0", < "items": [], < "status": "failed" < } < } < } ```
2025-11-20 15:06:55 -08:00
"thiserror 2.0.17",
fix: remove mcp-types from app server protocol (#4537) We continue the separation between `codex app-server` and `codex mcp-server`. In particular, we introduce a new crate, `codex-app-server-protocol`, and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it `codex-rs/app-server-protocol/src/protocol.rs`. Because `ConversationId` was defined in `mcp_protocol.rs`, we move it into its own file, `codex-rs/protocol/src/conversation_id.rs`, and because it is referenced in a ton of places, we have to touch a lot of files as part of this PR. We also decide to get away from proper JSON-RPC 2.0 semantics, so we also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which is basically the same `JSONRPCMessage` type defined in `mcp-types` except with all of the `"jsonrpc": "2.0"` removed. Getting rid of `"jsonrpc": "2.0"` makes our serialization logic considerably simpler, as we can lean heavier on serde to serialize directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
"ts-rs",
"uuid",
]
feat: add app-server-test-client crate for internal use (#5391) For app-server development it's been helpful to be able to trigger some test flows end-to-end and print the JSON-RPC messages sent between client and server.
2025-11-14 12:39:58 -08:00
[[package]]
name = "codex-app-server-test-client"
version = "0.0.0"
dependencies = [
"anyhow",
"clap",
"codex-app-server-protocol",
"codex-protocol",
"serde",
"serde_json",
"uuid",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "codex-apply-patch"
Update submodules version to come from the workspace (#850) Tie the version of submodules to the workspace version.
2025-05-07 10:08:06 -07:00
version = "0.0.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"anyhow",
feat: use the arg0 trick with apply_patch (#2646) Historically, Codex CLI has treated `apply_patch` (and its sometimes misspelling, `applypatch`) as a "virtual CLI," intercepting it when it appears as the first arg to `command` for the `"container.exec", `"shell"`, or `"local_shell"` tools. This approach has a known limitation where if, say, the model created a Python script that runs `apply_patch` and then tried to run the Python script, we have no insight as to what the model is trying to do and the Python Script would fail because `apply_patch` was never really on the `PATH`. One way to solve this problem is to require users to install an `apply_patch` executable alongside the `codex` executable (or at least put it someplace where Codex can discover it). Though to keep Codex CLI as a standalone executable, we exploit "the arg0 trick" where we create a temporary directory with an entry named `apply_patch` and prepend that directory to the `PATH` for the duration of the invocation of Codex. - On UNIX, `apply_patch` is a symlink to `codex`, which now changes its behavior to behave like `apply_patch` if arg0 is `apply_patch` (or `applypatch`) - On Windows, `apply_patch.bat` is a batch script that runs `codex --codex-run-as-apply-patch %*`, as Codex also changes its behavior if the first argument is `--codex-run-as-apply-patch`.
2025-08-24 14:35:51 -07:00
"assert_cmd",
Use assert_matches (#4756) assert_matches is soon to be in std but is experimental for now.
2025-10-05 14:12:31 -07:00
"assert_matches",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"pretty_assertions",
"similar",
"tempfile",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tree-sitter",
"tree-sitter-bash",
]
fix: move arg0 handling out of codex-linux-sandbox and into its own crate (#1697)
2025-07-28 08:31:24 -07:00
[[package]]
name = "codex-arg0"
version = "0.0.0"
dependencies = [
"anyhow",
fix: support special --codex-run-as-apply-patch arg (#1702) This introduces some special behavior to the CLIs that are using the `codex-arg0` crate where if `arg1` is `--codex-run-as-apply-patch`, then it will run as if `apply_patch arg2` were invoked. This is important because it means we can do things like: ``` SANDBOX_TYPE=landlock # or seatbelt for macOS codex debug "${SANDBOX_TYPE}" -- codex --codex-run-as-apply-patch PATCH ``` which gives us a way to run `apply_patch` while ensuring it adheres to the sandbox the user specified. While it would be nice to use the `arg0` trick like we are currently doing for `codex-linux-sandbox`, there is no way to specify the `arg0` for the underlying command when running under `/usr/bin/sandbox-exec`, so it will not work for us in this case. Admittedly, we could have also supported this via a custom environment variable (e.g., `CODEX_ARG0`), but since environment variables are inherited by child processes, that seemed like a potentially leakier abstraction. This change, as well as our existing reliance on checking `arg0`, place additional requirements on those who include `codex-core`. Its `README.md` has been updated to reflect this. While we could have just added an `apply-patch` subcommand to the `codex` multitool CLI, that would not be sufficient for the standalone `codex-exec` CLI, which is something that we distribute as part of our GitHub releases for those who know they will not be using the TUI and therefore prefer to use a slightly smaller executable: https://github.com/openai/codex/releases/tag/rust-v0.10.0 To that end, this PR adds an integration test to ensure that the `--codex-run-as-apply-patch` option works with the standalone `codex-exec` CLI. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/1702). * #1705 * #1703 * __->__ #1702 * #1698 * #1697
2025-07-28 09:26:44 -07:00
"codex-apply-patch",
fix: move arg0 handling out of codex-linux-sandbox and into its own crate (#1697)
2025-07-28 08:31:24 -07:00
"codex-core",
"codex-linux-sandbox",
"dotenvy",
feat: use the arg0 trick with apply_patch (#2646) Historically, Codex CLI has treated `apply_patch` (and its sometimes misspelling, `applypatch`) as a "virtual CLI," intercepting it when it appears as the first arg to `command` for the `"container.exec", `"shell"`, or `"local_shell"` tools. This approach has a known limitation where if, say, the model created a Python script that runs `apply_patch` and then tried to run the Python script, we have no insight as to what the model is trying to do and the Python Script would fail because `apply_patch` was never really on the `PATH`. One way to solve this problem is to require users to install an `apply_patch` executable alongside the `codex` executable (or at least put it someplace where Codex can discover it). Though to keep Codex CLI as a standalone executable, we exploit "the arg0 trick" where we create a temporary directory with an entry named `apply_patch` and prepend that directory to the `PATH` for the duration of the invocation of Codex. - On UNIX, `apply_patch` is a symlink to `codex`, which now changes its behavior to behave like `apply_patch` if arg0 is `apply_patch` (or `applypatch`) - On Windows, `apply_patch.bat` is a batch script that runs `codex --codex-run-as-apply-patch %*`, as Codex also changes its behavior if the first argument is `--codex-run-as-apply-patch`.
2025-08-24 14:35:51 -07:00
"tempfile",
fix: move arg0 handling out of codex-linux-sandbox and into its own crate (#1697)
2025-07-28 08:31:24 -07:00
"tokio",
]
Support graceful agent interruption (#5287)
2025-10-17 11:52:57 -07:00
[[package]]
name = "codex-async-utils"
version = "0.0.0"
dependencies = [
"async-trait",
"pretty_assertions",
"tokio",
"tokio-util",
]
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
[[package]]
name = "codex-backend-client"
version = "0.0.0"
dependencies = [
"anyhow",
"codex-backend-openapi-models",
[app-server] read rate limits API (#5302) Adds a `GET account/rateLimits/read` API to app-server. This calls the codex backend to fetch the user's current rate limits. This would be helpful in checking rate limits without having to send a message. For calling the codex backend usage API, I generated the types and manually copied the relevant ones into `codex-backend-openapi-types`. It'll be nice to extend our internal openapi generator to support Rust so we don't have to run these manual steps. # External (non-OpenAI) Pull Request Requirements Before opening this Pull Request, please read the dedicated "Contributing" markdown file or your PR may be closed: https://github.com/openai/codex/blob/main/docs/contributing.md If your PR conforms to our contribution guidelines, replace this text with a detailed and high quality description of your changes.
2025-10-20 14:11:54 -07:00
"codex-core",
"codex-protocol",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"pretty_assertions",
"reqwest",
"serde",
"serde_json",
]
[[package]]
name = "codex-backend-openapi-models"
version = "0.0.0"
dependencies = [
"serde",
"serde_json",
[app-server] read rate limits API (#5302) Adds a `GET account/rateLimits/read` API to app-server. This calls the codex backend to fetch the user's current rate limits. This would be helpful in checking rate limits without having to send a message. For calling the codex backend usage API, I generated the types and manually copied the relevant ones into `codex-backend-openapi-types`. It'll be nice to extend our internal openapi generator to support Rust so we don't have to run these manual steps. # External (non-OpenAI) Pull Request Requirements Before opening this Pull Request, please read the dedicated "Contributing" markdown file or your PR may be closed: https://github.com/openai/codex/blob/main/docs/contributing.md If your PR conforms to our contribution guidelines, replace this text with a detailed and high quality description of your changes.
2025-10-20 14:11:54 -07:00
"serde_with",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
]
Add `codex apply` to apply a patch created from the Codex remote agent (#1528) In order to to this, I created a new `chatgpt` crate where we can put any code that interacts directly with ChatGPT as opposed to the OpenAI API. I added a disclaimer to the README for it that it should primarily be modified by OpenAI employees. https://github.com/user-attachments/assets/bb978e33-d2c9-4d8e-af28-c8c25b1988e8
2025-07-11 13:30:11 -04:00
[[package]]
name = "codex-chatgpt"
version = "0.0.0"
dependencies = [
"anyhow",
"clap",
"codex-common",
"codex-core",
chore: merge git crates (#5909) Merge `git-apply` and `git-tooling` into `utils/`
2025-10-29 12:11:44 +00:00
"codex-git",
Add `codex apply` to apply a patch created from the Codex remote agent (#1528) In order to to this, I created a new `chatgpt` crate where we can put any code that interacts directly with ChatGPT as opposed to the OpenAI API. I added a disclaimer to the README for it that it should primarily be modified by OpenAI employees. https://github.com/user-attachments/assets/bb978e33-d2c9-4d8e-af28-c8c25b1988e8
2025-07-11 13:30:11 -04:00
"serde",
"serde_json",
"tempfile",
"tokio",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "codex-cli"
chore: script to create a Rust release (#759) For now, keep things simple such that we never update the `version` in the `Cargo.toml` for the workspace root on the `main` branch. Instead, create a new branch for a release, push one commit that updates the `version`, and then tag that branch to kick off a release. To test, I ran this script and created this release job: https://github.com/openai/codex/actions/runs/14762580641
2025-04-30 12:39:03 -07:00
version = "0.0.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"anyhow",
initial mcp add interface (#3543) Adds `codex mcp add`, `codex mcp list`, `codex mcp remove`. Currently writes to global config.
2025-09-14 21:30:56 -07:00
"assert_cmd",
Use assert_matches (#4756) assert_matches is soon to be in std but is experimental for now.
2025-10-05 14:12:31 -07:00
"assert_matches",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"clap",
feat: add `codex completion` to generate shell completions (#1491) Once this lands, we can update our brew formula to use `generate_completions_from_executable()` like so: https://github.com/Homebrew/homebrew-core/blob/905238ff7f8f48fdc6f4ae2a9fbdd364bf7c7f9d/Formula/h/hgrep.rb#L21-L25
2025-07-08 21:43:27 -07:00
"clap_complete",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
"codex-app-server",
fix: remove mcp-types from app server protocol (#4537) We continue the separation between `codex app-server` and `codex mcp-server`. In particular, we introduce a new crate, `codex-app-server-protocol`, and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it `codex-rs/app-server-protocol/src/protocol.rs`. Because `ConversationId` was defined in `mcp_protocol.rs`, we move it into its own file, `codex-rs/protocol/src/conversation_id.rs`, and because it is referenced in a ton of places, we have to touch a lot of files as part of this PR. We also decide to get away from proper JSON-RPC 2.0 semantics, so we also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which is basically the same `JSONRPCMessage` type defined in `mcp-types` except with all of the `"jsonrpc": "2.0"` removed. Getting rid of `"jsonrpc": "2.0"` makes our serialization logic considerably simpler, as we can lean heavier on serde to serialize directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
"codex-app-server-protocol",
fix: move arg0 handling out of codex-linux-sandbox and into its own crate (#1697)
2025-07-28 08:31:24 -07:00
"codex-arg0",
Add `codex apply` to apply a patch created from the Codex remote agent (#1528) In order to to this, I created a new `chatgpt` crate where we can put any code that interacts directly with ChatGPT as opposed to the OpenAI API. I added a disclaimer to the README for it that it should primarily be modified by OpenAI employees. https://github.com/user-attachments/assets/bb978e33-d2c9-4d8e-af28-c8c25b1988e8
2025-07-11 13:30:11 -04:00
"codex-chatgpt",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"codex-cloud-tasks",
chore: introduce codex-common crate (#843) I started this PR because I wanted to share the `format_duration()` utility function in `codex-rs/exec/src/event_processor.rs` with the TUI. The question was: where to put it? `core` should have as few dependencies as possible, so moving it there would introduce a dependency on `chrono`, which seemed undesirable. `core` already had this `cli` feature to deal with a similar situation around sharing common utility functions, so I decided to: * make `core` feature-free * introduce `common` * `common` can have as many "special interest" features as it needs, each of which can declare their own deps * the first two features of common are `cli` and `elapsed` In practice, this meant updating a number of `Cargo.toml` files, replacing this line: ```toml codex-core = { path = "../core", features = ["cli"] } ``` with these: ```toml codex-core = { path = "../core" } codex-common = { path = "../common", features = ["cli"] } ``` Moving `format_duration()` into its own file gave it some "breathing room" to add a unit test, so I had Codex generate some tests and new support for durations over 1 minute.
2025-05-06 17:38:56 -07:00
"codex-common",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"codex-core",
"codex-exec",
execpolicycheck command in codex cli (#7012) adding execpolicycheck tool onto codex cli this is useful for validating policies (can be multiple) against commands. it will also surface errors in policy syntax: <img width="1150" height="281" alt="Screenshot 2025-11-19 at 12 46 21 PM" src="https://github.com/user-attachments/assets/8f99b403-564c-4172-acc9-6574a8d13dc3" /> this PR also changes output format when there's no match in the CLI. instead of returning the raw string `noMatch`, we return `{"noMatch":{}}` this PR is a rewrite of: https://github.com/openai/codex/pull/6932 (due to the numerous merge conflicts present in the original PR) --------- Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-11-20 16:44:31 -05:00
"codex-execpolicy",
feat: add support for login with ChatGPT (#1212) This does not implement the full Login with ChatGPT experience, but it should unblock people. **What works** * The `codex` multitool now has a `login` subcommand, so you can run `codex login`, which should write `CODEX_HOME/auth.json` if you complete the flow successfully. The TUI will now read the `OPENAI_API_KEY` from `auth.json`. * The TUI should refresh the token if it has expired and the necessary information is in `auth.json`. * There is a `LoginScreen` in the TUI that tells you to run `codex login` if both (1) your model provider expects to use `OPENAI_API_KEY` as its env var, and (2) `OPENAI_API_KEY` is not set. **What does not work** * The `LoginScreen` does not support the login flow from within the TUI. Instead, it tells you to quit, run `codex login`, and then run `codex` again. * `codex exec` does read from `auth.json` yet, nor does it direct the user to go through the login flow if `OPENAI_API_KEY` is not be found. * The `maybeRedeemCredits()` function from `get-api-key.tsx` has not been ported from TypeScript to `login_with_chatgpt.py` yet: https://github.com/openai/codex/blob/a67a67f3258fc21e147b6786a143fe3e15e6d5ba/codex-cli/src/utils/get-api-key.tsx#L84-L89 **Implementation** Currently, the OAuth flow requires running a local webserver on `127.0.0.1:1455`. It seemed wasteful to incur the additional binary cost of a webserver dependency in the Rust CLI just to support login, so instead we implement this logic in Python, as Python has a `http.server` module as part of its standard library. Specifically, we bundle the contents of a single Python file as a string in the Rust CLI and then use it to spawn a subprocess as `python3 -c {{SOURCE_FOR_PYTHON_SERVER}}`. As such, the most significant files in this PR are: ``` codex-rs/login/src/login_with_chatgpt.py codex-rs/login/src/lib.rs ``` Now that the CLI may load `OPENAI_API_KEY` from the environment _or_ `CODEX_HOME/auth.json`, we need a new abstraction for reading/writing this variable, so we introduce: ``` codex-rs/core/src/openai_api_key.rs ``` Note that `std::env::set_var()` is [rightfully] `unsafe` in Rust 2024, so we use a LazyLock<RwLock<Option<String>>> to store `OPENAI_API_KEY` so it is read in a thread-safe manner. Ultimately, it should be possible to go through the entire login flow from the TUI. This PR introduces a placeholder `LoginScreen` UI for that right now, though the new `codex login` subcommand introduced in this PR should be a viable workaround until the UI is ready. **Testing** Because the login flow is currently implemented in a standalone Python file, you can test it without building any Rust code as follows: ``` rm -rf /tmp/codex_home && mkdir /tmp/codex_home CODEX_HOME=/tmp/codex_home python3 codex-rs/login/src/login_with_chatgpt.py ``` For reference: * the original TypeScript implementation was introduced in https://github.com/openai/codex/pull/963 * support for redeeming credits was later added in https://github.com/openai/codex/pull/974
2025-06-04 08:44:17 -07:00
"codex-login",
feat: add mcp subcommand to CLI to run Codex as an MCP server (#934) Previously, running Codex as an MCP server required a standalone binary in our Cargo workspace, but this PR makes it available as a subcommand (`mcp`) of the main CLI. Ran this with: ``` RUST_LOG=debug npx @modelcontextprotocol/inspector cargo run --bin codex -- mcp ``` and verified it worked as expected in the inspector at `http://127.0.0.1:6274/`.
2025-05-14 13:15:41 -07:00
"codex-mcp-server",
chore: move pre_main_hardening() utility into its own crate (#4403)
2025-09-28 14:35:14 -07:00
"codex-process-hardening",
chore: move mcp-server/src/wire_format.rs to protocol/src/mcp_protocol.rs (#2423) The existing `wire_format.rs` should share more types with the `codex-protocol` crate (like `AskForApproval` instead of maintaining a parallel `CodexToolCallApprovalPolicy` enum), so this PR moves `wire_format.rs` into `codex-protocol`, renaming it as `mcp-protocol.rs`. We also de-dupe types, where appropriate. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2423). * #2424 * __->__ #2423
2025-08-18 09:36:57 -07:00
"codex-protocol",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"codex-responses-api-proxy",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"codex-rmcp-client",
feat: experimental `codex stdio-to-uds` subcommand (#5350)
2025-10-19 21:12:45 -07:00
"codex-stdio-to-uds",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"codex-tui",
feat(tui2): add feature-flagged tui2 frontend (#7793) Introduce a new codex-tui2 crate that re-exports the existing interactive TUI surface and delegates run_main directly to codex-tui. This keeps behavior identical while giving tui2 its own crate for future viewport work. Wire the codex CLI to select the frontend via the tui2 feature flag. When the merged CLI overrides include features.tui2=true (e.g. via --enable tui2), interactive runs are routed through codex_tui2::run_main; otherwise they continue to use the original codex_tui::run_main. Register Feature::Tui2 in the core feature registry and add the tui2 crate and dependency entries so the new frontend builds alongside the existing TUI. This is a stub that only wires up the feature flag for this. <img width="619" height="364" alt="image" src="https://github.com/user-attachments/assets/4893f030-932f-471e-a443-63fe6b5d8ed9" />
2025-12-09 16:23:53 -08:00
"codex-tui2",
Windows Sandbox - Alpha version (#4905) - Added the new codex-windows-sandbox crate that builds both a library entry point (run_windows_sandbox_capture) and a CLI executable to launch commands inside a Windows restricted-token sandbox, including ACL management, capability SID provisioning, network lockdown, and output capture (windows-sandbox-rs/src/lib.rs:167, windows-sandbox-rs/src/main.rs:54). - Introduced the experimental WindowsSandbox feature flag and wiring so Windows builds can opt into the sandbox: SandboxType::WindowsRestrictedToken, the in-process execution path, and platform sandbox selection now honor the flag (core/src/features.rs:47, core/src/config.rs:1224, core/src/safety.rs:19, core/src/sandboxing/mod.rs:69, core/src/exec.rs:79, core/src/exec.rs:172). - Updated workspace metadata to include the new crate and its Windows-specific dependencies so the core crate can link against it (codex-rs/ Cargo.toml:91, core/Cargo.toml:86). - Added a PowerShell bootstrap script that installs the Windows toolchain, required CLI utilities, and builds the workspace to ease development on the platform (scripts/setup-windows.ps1:1). - Landed a Python smoke-test suite that exercises read-only/workspace-write policies, ACL behavior, and network denial for the Windows sandbox binary (windows-sandbox-rs/sandbox_smoketests.py:1).
2025-10-30 15:51:57 -07:00
"codex-windows-sandbox",
feat: add support for CODEX_SECURE_MODE=1 to restrict process observability (#4220) Because the `codex` process could contain sensitive information in memory, such as API keys, we add logic so that when `CODEX_SECURE_MODE=1` is specified, we avail ourselves of whatever the operating system provides to restrict observability/tampering, which includes: - disabling `ptrace(2)`, so it is not possible to attach to the process with a debugger, such as `gdb` - disabling core dumps Admittedly, a user with root privileges can defeat these safeguards. For now, we only add support for this in the `codex` multitool, but we may ultimately want to support this in some of the smaller CLIs that are buildable out of our Cargo workspace.
2025-09-25 10:02:28 -07:00
"ctor 0.5.0",
add codex debug seatbelt --log-denials (#4098) This adds a debugging tool for analyzing why certain commands fail to execute under the sandbox. Example output: ``` $ codex debug seatbelt --log-denials bash -lc "(echo foo > ~/foo.txt)" bash: /Users/nornagon/foo.txt: Operation not permitted === Sandbox denials === (bash) file-write-data /dev/tty (bash) file-write-data /dev/ttys001 (bash) sysctl-read kern.ngroups (bash) file-write-create /Users/nornagon/foo.txt ``` It operates by: 1. spawning `log stream` to watch system logs, and 2. tracking all descendant PIDs using kqueue + proc_listchildpids. this is a "best-effort" technique, as `log stream` may drop logs(?), and kqueue + proc_listchildpids isn't atomic and can end up missing very short-lived processes. But it works well enough in my testing to be useful :)
2025-11-10 14:48:14 -08:00
"libc",
fix codex resume message at end of session (#3957) This was only being printed when running the codex-tui executable directly, not via the codex-cli wrapper.
2025-09-22 15:24:31 -07:00
"owo-colors",
initial mcp add interface (#3543) Adds `codex mcp add`, `codex mcp list`, `codex mcp remove`. Currently writes to global config.
2025-09-14 21:30:56 -07:00
"predicates",
"pretty_assertions",
add codex debug seatbelt --log-denials (#4098) This adds a debugging tool for analyzing why certain commands fail to execute under the sandbox. Example output: ``` $ codex debug seatbelt --log-denials bash -lc "(echo foo > ~/foo.txt)" bash: /Users/nornagon/foo.txt: Operation not permitted === Sandbox denials === (bash) file-write-data /dev/tty (bash) file-write-data /dev/ttys001 (bash) sysctl-read kern.ngroups (bash) file-write-create /Users/nornagon/foo.txt ``` It operates by: 1. spawning `log stream` to watch system logs, and 2. tracking all descendant PIDs using kqueue + proc_listchildpids. this is a "best-effort" technique, as `log stream` may drop logs(?), and kqueue + proc_listchildpids isn't atomic and can end up missing very short-lived processes. But it works well enough in my testing to be useful :)
2025-11-10 14:48:14 -08:00
"regex-lite",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"serde_json",
cloud: status, diff, apply (#7614) Adds cli commands for getting the status of cloud tasks, and for getting/applying the diffs from same.
2025-12-05 13:39:23 -08:00
"supports-color 3.0.2",
initial mcp add interface (#3543) Adds `codex mcp add`, `codex mcp list`, `codex mcp remove`. Currently writes to global config.
2025-09-14 21:30:56 -07:00
"tempfile",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tokio",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"toml 0.9.5",
add codex debug seatbelt --log-denials (#4098) This adds a debugging tool for analyzing why certain commands fail to execute under the sandbox. Example output: ``` $ codex debug seatbelt --log-denials bash -lc "(echo foo > ~/foo.txt)" bash: /Users/nornagon/foo.txt: Operation not permitted === Sandbox denials === (bash) file-write-data /dev/tty (bash) file-write-data /dev/ttys001 (bash) sysctl-read kern.ngroups (bash) file-write-create /Users/nornagon/foo.txt ``` It operates by: 1. spawning `log stream` to watch system logs, and 2. tracking all descendant PIDs using kqueue + proc_listchildpids. this is a "best-effort" technique, as `log stream` may drop logs(?), and kqueue + proc_listchildpids isn't atomic and can end up missing very short-lived processes. But it works well enough in my testing to be useful :)
2025-11-10 14:48:14 -08:00
"tracing",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
chore: proper client extraction (#6996)
2025-11-25 18:06:12 +00:00
[[package]]
name = "codex-client"
version = "0.0.0"
dependencies = [
"async-trait",
"bytes",
"eventsource-stream",
"futures",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
[codex] add otel tracing (#7844)
2025-12-12 17:07:17 -08:00
"opentelemetry",
"opentelemetry_sdk",
chore: proper client extraction (#6996)
2025-11-25 18:06:12 +00:00
"rand 0.9.2",
"reqwest",
"serde",
"serde_json",
"thiserror 2.0.17",
"tokio",
Add request logging back (#7471) Having full requests helps debugging
2025-12-02 07:57:55 -08:00
"tracing",
[codex] add otel tracing (#7844)
2025-12-12 17:07:17 -08:00
"tracing-opentelemetry",
"tracing-subscriber",
chore: proper client extraction (#6996)
2025-11-25 18:06:12 +00:00
]
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
[[package]]
name = "codex-cloud-tasks"
version = "0.0.0"
dependencies = [
"anyhow",
"async-trait",
"base64",
"chrono",
"clap",
"codex-cloud-tasks-client",
"codex-common",
"codex-core",
"codex-login",
"codex-tui",
"crossterm",
cloud: status, diff, apply (#7614) Adds cli commands for getting the status of cloud tasks, and for getting/applying the diffs from same.
2025-12-05 13:39:23 -08:00
"owo-colors",
"pretty_assertions",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"ratatui",
"reqwest",
"serde",
"serde_json",
cloud: status, diff, apply (#7614) Adds cli commands for getting the status of cloud tasks, and for getting/applying the diffs from same.
2025-12-05 13:39:23 -08:00
"supports-color 3.0.2",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"tokio",
"tokio-stream",
"tracing",
"tracing-subscriber",
Set codex SDK TypeScript originator (#4894) ## Summary - ensure the TypeScript SDK sets CODEX_INTERNAL_ORIGINATOR_OVERRIDE to codex_sdk_ts when spawning the Codex CLI - extend the responses proxy test helper to capture request headers for assertions - add coverage that verifies Codex threads launched from the TypeScript SDK send the codex_sdk_ts originator header ## Testing - Not Run (not requested) ------ https://chatgpt.com/codex/tasks/task_i_68e561b125248320a487f129093d16e7
2025-10-07 14:06:41 -07:00
"unicode-width 0.2.1",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
]
[[package]]
name = "codex-cloud-tasks-client"
version = "0.0.0"
dependencies = [
"anyhow",
"async-trait",
"chrono",
"codex-backend-client",
chore: merge git crates (#5909) Merge `git-apply` and `git-tooling` into `utils/`
2025-10-29 12:11:44 +00:00
"codex-git",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"diffy",
"serde",
"serde_json",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
]
chore: introduce codex-common crate (#843) I started this PR because I wanted to share the `format_duration()` utility function in `codex-rs/exec/src/event_processor.rs` with the TUI. The question was: where to put it? `core` should have as few dependencies as possible, so moving it there would introduce a dependency on `chrono`, which seemed undesirable. `core` already had this `cli` feature to deal with a similar situation around sharing common utility functions, so I decided to: * make `core` feature-free * introduce `common` * `common` can have as many "special interest" features as it needs, each of which can declare their own deps * the first two features of common are `cli` and `elapsed` In practice, this meant updating a number of `Cargo.toml` files, replacing this line: ```toml codex-core = { path = "../core", features = ["cli"] } ``` with these: ```toml codex-core = { path = "../core" } codex-common = { path = "../common", features = ["cli"] } ``` Moving `format_duration()` into its own file gave it some "breathing room" to add a unit test, so I had Codex generate some tests and new support for durations over 1 minute.
2025-05-06 17:38:56 -07:00
[[package]]
name = "codex-common"
Update submodules version to come from the workspace (#850) Tie the version of submodules to the workspace version.
2025-05-07 10:08:06 -07:00
version = "0.0.0"
chore: introduce codex-common crate (#843) I started this PR because I wanted to share the `format_duration()` utility function in `codex-rs/exec/src/event_processor.rs` with the TUI. The question was: where to put it? `core` should have as few dependencies as possible, so moving it there would introduce a dependency on `chrono`, which seemed undesirable. `core` already had this `cli` feature to deal with a similar situation around sharing common utility functions, so I decided to: * make `core` feature-free * introduce `common` * `common` can have as many "special interest" features as it needs, each of which can declare their own deps * the first two features of common are `cli` and `elapsed` In practice, this meant updating a number of `Cargo.toml` files, replacing this line: ```toml codex-core = { path = "../core", features = ["cli"] } ``` with these: ```toml codex-core = { path = "../core" } codex-common = { path = "../common", features = ["cli"] } ``` Moving `format_duration()` into its own file gave it some "breathing room" to add a unit test, so I had Codex generate some tests and new support for durations over 1 minute.
2025-05-06 17:38:56 -07:00
dependencies = [
"clap",
"codex-core",
LM Studio OSS Support (#2312) ## Overview Adds LM Studio OSS support. Closes #1883 ### Changes This PR enhances the behavior of `--oss` flag to support LM Studio as a provider. Additionally, it introduces a new flag`--local-provider` which can take in `lmstudio` or `ollama` as values if the user wants to explicitly choose which one to use. If no provider is specified `codex --oss` will auto-select the provider based on whichever is running. #### Additional enhancements The default can be set using `oss-provider` in config like: ``` oss_provider = "lmstudio" ``` For non-interactive users, they will need to either provide the provider as an arg or have it in their `config.toml` ### Notes For best performance, [set the default context length](https://lmstudio.ai/docs/app/advanced/per-model) for gpt-oss to the maximum your machine can support --------- Co-authored-by: Matt Clayton <matt@lmstudio.ai> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-17 14:49:09 -05:00
"codex-lmstudio",
"codex-ollama",
chore: move mcp-server/src/wire_format.rs to protocol/src/mcp_protocol.rs (#2423) The existing `wire_format.rs` should share more types with the `codex-protocol` crate (like `AskForApproval` instead of maintaining a parallel `CodexToolCallApprovalPolicy` enum), so this PR moves `wire_format.rs` into `codex-protocol`, renaming it as `mcp-protocol.rs`. We also de-dupe types, where appropriate. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2423). * #2424 * __->__ #2423
2025-08-18 09:36:57 -07:00
"codex-protocol",
feat: introduce ExternalSandbox policy (#8290) ## Description Introduced `ExternalSandbox` policy to cover use case when sandbox defined by outside environment, effectively it translates to `SandboxMode#DangerFullAccess` for file system (since sandbox configured on container level) and configurable `network_access` (either Restricted or Enabled by outside environment). as example you can configure `ExternalSandbox` policy as part of `sendUserTurn` v1 app_server API: ``` { "conversationId": <id>, "cwd": <cwd>, "approvalPolicy": "never", "sandboxPolicy": { "type": ""external-sandbox", "network_access": "enabled"/"restricted" }, "model": <model>, "effort": <effort>, .... } ```
2025-12-18 17:02:03 -08:00
"codex-utils-absolute-path",
"pretty_assertions",
feat: add support for -c/--config to override individual config items (#1137) This PR introduces support for `-c`/`--config` so users can override individual config values on the command line using `--config name=value`. Example: ``` codex --config model=o4-mini ``` Making it possible to set arbitrary config values on the command line results in a more flexible configuration scheme and makes it easier to provide single-line examples that can be copy-pasted from documentation. Effectively, it means there are four levels of configuration for some values: - Default value (e.g., `model` currently defaults to `o4-mini`) - Value in `config.toml` (e.g., user could override the default to be `model = "o3"` in their `config.toml`) - Specifying `-c` or `--config` to override `model` (e.g., user can include `-c model=o3` in their list of args to Codex) - If available, a config-specific flag can be used, which takes precedence over `-c` (e.g., user can specify `--model o3` in their list of args to Codex) Now that it is possible to specify anything that could be configured in `config.toml` on the command line using `-c`, we do not need to have a custom flag for every possible config option (which can clutter the output of `--help`). To that end, as part of this PR, we drop support for the `--disable-response-storage` flag, as users can now specify `-c disable_response_storage=true` to get the equivalent functionality. Under the hood, this works by loading the `config.toml` into a `toml::Value`. Then for each `key=value`, we create a small synthetic TOML file with `value` so that we can run the TOML parser to get the equivalent `toml::Value`. We then parse `key` to determine the point in the original `toml::Value` to do the insert/replace. Once all of the overrides from `-c` args have been applied, the `toml::Value` is deserialized into a `ConfigToml` and then the `ConfigOverrides` are applied, as before.
2025-05-27 23:11:44 -07:00
"serde",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"toml 0.9.5",
chore: introduce codex-common crate (#843) I started this PR because I wanted to share the `format_duration()` utility function in `codex-rs/exec/src/event_processor.rs` with the TUI. The question was: where to put it? `core` should have as few dependencies as possible, so moving it there would introduce a dependency on `chrono`, which seemed undesirable. `core` already had this `cli` feature to deal with a similar situation around sharing common utility functions, so I decided to: * make `core` feature-free * introduce `common` * `common` can have as many "special interest" features as it needs, each of which can declare their own deps * the first two features of common are `cli` and `elapsed` In practice, this meant updating a number of `Cargo.toml` files, replacing this line: ```toml codex-core = { path = "../core", features = ["cli"] } ``` with these: ```toml codex-core = { path = "../core" } codex-common = { path = "../common", features = ["cli"] } ``` Moving `format_duration()` into its own file gave it some "breathing room" to add a unit test, so I had Codex generate some tests and new support for durations over 1 minute.
2025-05-06 17:38:56 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "codex-core"
Update submodules version to come from the workspace (#850) Tie the version of submodules to the workspace version.
2025-05-07 10:08:06 -07:00
version = "0.0.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"anyhow",
"assert_cmd",
Use assert_matches (#4756) assert_matches is soon to be in std but is experimental for now.
2025-10-05 14:12:31 -07:00
"assert_matches",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"async-channel",
ref: state - 2 (#4229) Extracting tasks in a module and start abstraction behind a Trait (more to come on this but each task will be tackled in a dedicated PR) The goal was to drop the ActiveTask and to have a (potentially) set of tasks during each turn
2025-09-26 15:49:08 +02:00
"async-trait",
feat: Run cargo shear during CI (#3338) Run cargo shear as part of the CI to ensure no unused dependencies
2025-09-08 18:05:08 -07:00
"base64",
Fix: Improve text encoding for shell output in VSCode preview (#6178) (#6182) ## 🐛 Problem Users running commands with non-ASCII characters (like Russian text "пример") in Windows/WSL environments experience garbled text in VSCode's shell preview window, with Unicode replacement characters (�) appearing instead of the actual text. **Issue**: https://github.com/openai/codex/issues/6178 ## 🔧 Root Cause The issue was in `StreamOutput<Vec<u8>>::from_utf8_lossy()` method in `codex-rs/core/src/exec.rs`, which used `String::from_utf8_lossy()` to convert shell output bytes to strings. This function immediately replaces any invalid UTF-8 byte sequences with replacement characters, without attempting to decode using other common encodings. In Windows/WSL environments, shell output often uses encodings like: - Windows-1252 (common Windows encoding) - Latin-1/ISO-8859-1 (extended ASCII) ## 🛠️ Solution Replaced the simple `String::from_utf8_lossy()` call with intelligent encoding detection via a new `bytes_to_string_smart()` function that tries multiple encoding strategies: 1. **UTF-8** (fast path for valid UTF-8) 2. **Windows-1252** (handles Windows-specific characters in 0x80-0x9F range) 3. **Latin-1** (fallback for extended ASCII) 4. **Lossy UTF-8** (final fallback, same as before) ## 📁 Changes ### New Files - `codex-rs/core/src/text_encoding.rs` - Smart encoding detection module - `codex-rs/core/tests/suite/text_encoding_fix.rs` - Integration tests ### Modified Files - `codex-rs/core/src/lib.rs` - Added text_encoding module - `codex-rs/core/src/exec.rs` - Updated StreamOutput::from_utf8_lossy() - `codex-rs/core/tests/suite/mod.rs` - Registered new test module ## ✅ Testing - **5 unit tests** covering UTF-8, Windows-1252, Latin-1, and fallback scenarios - **2 integration tests** simulating the exact Issue #6178 scenario - **Demonstrates improvement** over the previous `String::from_utf8_lossy()` approach All tests pass: ```bash cargo test -p codex-core text_encoding cargo test -p codex-core test_shell_output_encoding_issue_6178 ``` ## 🎯 Impact - ✅ **Eliminates garbled text** in VSCode shell preview for non-ASCII content - ✅ **Supports Windows/WSL environments** with proper encoding detection - ✅ **Zero performance impact** for UTF-8 text (fast path) - ✅ **Backward compatible** - UTF-8 content works exactly as before - ✅ **Handles edge cases** with robust fallback mechanism ## 🧪 Test Scenarios The fix has been tested with: - Russian text ("пример") - Windows-1252 quotation marks (""test") - Latin-1 accented characters ("café") - Mixed encoding content - Invalid byte sequences (graceful fallback) ## 📋 Checklist - [X] Addresses the reported issue - [X] Includes comprehensive tests - [X] Maintains backward compatibility - [X] Follows project coding conventions - [X] No breaking changes --------- Co-authored-by: Josh McKinney <joshka@openai.com>
2025-11-21 03:04:11 +08:00
"chardetng",
Add support for a separate chatgpt auth endpoint (#1712) Adds a `CodexAuth` type that encapsulates information about available auth modes and logic for refreshing the token. Changes `Responses` API to send requests to different endpoints based on the auth type. Updates login_with_chatgpt to support API-less mode and skip the key exchange.
2025-07-30 12:40:15 -07:00
"chrono",
chore: proper client extraction (#6996)
2025-11-25 18:06:12 +00:00
"codex-api",
fix: remove mcp-types from app server protocol (#4537) We continue the separation between `codex app-server` and `codex mcp-server`. In particular, we introduce a new crate, `codex-app-server-protocol`, and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it `codex-rs/app-server-protocol/src/protocol.rs`. Because `ConversationId` was defined in `mcp_protocol.rs`, we move it into its own file, `codex-rs/protocol/src/conversation_id.rs`, and because it is referenced in a ton of places, we have to touch a lot of files as part of this PR. We also decide to get away from proper JSON-RPC 2.0 semantics, so we also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which is basically the same `JSONRPCMessage` type defined in `mcp-types` except with all of the `"jsonrpc": "2.0"` removed. Getting rid of `"jsonrpc": "2.0"` makes our serialization logic considerably simpler, as we can lean heavier on serde to serialize directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
"codex-app-server-protocol",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"codex-apply-patch",
Use codex-linux-sandbox in unified exec (#6480) Unified exec isn't working on Linux because we don't provide the correct arg0. The library we use for pty management doesn't allow setting arg0 separately from executable. Use the same aliasing strategy we use for `apply_patch` for `codex-linux-sandbox`. Use `#[ctor]` hack to dispatch codex-linux-sandbox calls. Addresses https://github.com/openai/codex/issues/6450
2025-11-10 17:17:09 -08:00
"codex-arg0",
Support graceful agent interruption (#5287)
2025-10-17 11:52:57 -07:00
"codex-async-utils",
Remove conversation_id and bring back request ID logging (#7830)
2025-12-10 10:44:12 -08:00
"codex-client",
feat: update process ID for event handling (#7261)
2025-11-25 22:21:05 +00:00
"codex-core",
migrating execpolicy -> execpolicy-legacy and execpolicy2 -> execpolicy (#6956)
2025-11-19 19:14:10 -08:00
"codex-execpolicy",
enable-resume (#3537) Adding the ability to resume conversations. we have one verb `resume`. Behavior: `tui`: `codex resume`: opens session picker `codex resume --last`: continue last message `codex resume <session id>`: continue conversation with `session id` `exec`: `codex resume --last`: continue last conversation `codex resume <session id>`: continue conversation with `session id` Implementation: - I added a function to find the path in `~/.codex/sessions/` with a `UUID`. This is helpful in resuming with session id. - Added the above mentioned flags - Added lots of testing
2025-09-14 19:33:19 -04:00
"codex-file-search",
chore: merge git crates (#5909) Merge `git-apply` and `git-tooling` into `utils/`
2025-10-29 12:11:44 +00:00
"codex-git",
[Auth] Add keyring support for Codex CLI (#5591) Follow-up PR to #5569. Add Keyring Support for Auth Storage in Codex CLI as well as a hybrid mode (default to persisting in keychain but fall back to file when unavailable.) It also refactors out the keyringstore implementation from rmcp-client [here](https://github.com/openai/codex/blob/main/codex-rs/rmcp-client/src/oauth.rs) to a new keyring-store crate. There will be a follow-up that picks the right credential mode depending on the config, instead of hardcoding `AuthCredentialsStoreMode::File`.
2025-10-27 12:10:11 -07:00
"codex-keyring-store",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"codex-otel",
fix: introduce codex-protocol crate (#2355)
2025-08-15 12:44:40 -07:00
"codex-protocol",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"codex-rmcp-client",
fix: introduce AbsolutePathBuf and resolve relative paths in config.toml (#7796) This PR attempts to solve two problems by introducing a `AbsolutePathBuf` type with a special deserializer: - `AbsolutePathBuf` attempts to be a generally useful abstraction, as it ensures, by constructing, that it represents a value that is an absolute, normalized path, which is a stronger guarantee than an arbitrary `PathBuf`. - Values in `config.toml` that can be either an absolute or relative path should be resolved against the folder containing the `config.toml` in the relative path case. This PR makes this easy to support: the main cost is ensuring `AbsolutePathBufGuard` is used inside `deserialize_config_toml_with_base()`. While `AbsolutePathBufGuard` may seem slightly distasteful because it relies on thread-local storage, this seems much cleaner to me than using than my various experiments with https://docs.rs/serde/latest/serde/de/trait.DeserializeSeed.html. Further, since the `deserialize()` method from the `Deserialize` trait is not async, we do not really have to worry about the deserialization work being spread across multiple threads in a way that would interfere with `AbsolutePathBufGuard`. To start, this PR introduces the use of `AbsolutePathBuf` in `OtelTlsConfig`. Note how this simplifies `otel_provider.rs` because it no longer requires `settings.codex_home` to be threaded through. Furthermore, this sets us up better for a world where multiple `config.toml` files from different folders could be loaded and then merged together, as the absolutifying of the paths must be done against the correct parent folder.
2025-12-09 17:37:52 -08:00
"codex-utils-absolute-path",
chore: rework tools execution workflow (#5278) Re-work the tool execution flow. Read `orchestrator.rs` to understand the structure
2025-10-20 20:57:37 +01:00
"codex-utils-pty",
feat: async ghost commit (#5618)
2025-10-27 10:09:10 +00:00
"codex-utils-readiness",
chore: refactor tool handling (#4510) # Tool System Refactor - Centralizes tool definitions and execution in `core/src/tools/*`: specs (`spec.rs`), handlers (`handlers/*`), router (`router.rs`), registry/dispatch (`registry.rs`), and shared context (`context.rs`). One registry now builds the model-visible tool list and binds handlers. - Router converts model responses to tool calls; Registry dispatches with consistent telemetry via `codex-rs/otel` and unified error handling. Function, Local Shell, MCP, and experimental `unified_exec` all flow through this path; legacy shell aliases still work. - Rationale: reduce per‑tool boilerplate, keep spec/handler in sync, and make adding tools predictable and testable. Example: `read_file` - Spec: `core/src/tools/spec.rs` (see `create_read_file_tool`, registered by `build_specs`). - Handler: `core/src/tools/handlers/read_file.rs` (absolute `file_path`, 1‑indexed `offset`, `limit`, `L#: ` prefixes, safe truncation). - E2E test: `core/tests/suite/read_file.rs` validates the tool returns the requested lines. ## Next steps: - Decompose `handle_container_exec_with_params` - Add parallel tool calls
2025-10-03 13:21:06 +01:00
"codex-utils-string",
Windows Sandbox - Alpha version (#4905) - Added the new codex-windows-sandbox crate that builds both a library entry point (run_windows_sandbox_capture) and a CLI executable to launch commands inside a Windows restricted-token sandbox, including ACL management, capability SID provisioning, network lockdown, and output capture (windows-sandbox-rs/src/lib.rs:167, windows-sandbox-rs/src/main.rs:54). - Introduced the experimental WindowsSandbox feature flag and wiring so Windows builds can opt into the sandbox: SandboxType::WindowsRestrictedToken, the in-process execution path, and platform sandbox selection now honor the flag (core/src/features.rs:47, core/src/config.rs:1224, core/src/safety.rs:19, core/src/sandboxing/mod.rs:69, core/src/exec.rs:79, core/src/exec.rs:172). - Updated workspace metadata to include the new crate and its Windows-specific dependencies so the core crate can link against it (codex-rs/ Cargo.toml:91, core/Cargo.toml:86). - Added a PowerShell bootstrap script that installs the Windows toolchain, required CLI utilities, and builds the workspace to ease development on the platform (scripts/setup-windows.ps1:1). - Landed a Python smoke-test suite that exercises read-only/workspace-write policies, ACL behavior, and network denial for the Windows sandbox binary (windows-sandbox-rs/sandbox_smoketests.py:1).
2025-10-30 15:51:57 -07:00
"codex-windows-sandbox",
add(core): managed config (#3868) ## Summary - Factor `load_config_as_toml` into `core::config_loader` so config loading is reusable across callers. - Layer `~/.codex/config.toml`, optional `~/.codex/managed_config.toml`, and macOS managed preferences (base64) with recursive table merging and scoped threads per source. ## Config Flow ``` Managed prefs (macOS profile: com.openai.codex/config_toml_base64) ▲ │ ~/.codex/managed_config.toml │ (optional file-based override) ▲ │ ~/.codex/config.toml (user-defined settings) ``` - The loader searches under the resolved `CODEX_HOME` directory (defaults to `~/.codex`). - Managed configs let administrators ship fleet-wide overrides via device profiles which is useful for enforcing certain settings like sandbox or approval defaults. - For nested hash tables: overlays merge recursively. Child tables are merged key-by-key, while scalar or array values replace the prior layer entirely. This lets admins add or tweak individual fields without clobbering unrelated user settings.
2025-10-03 13:02:26 -07:00
"core-foundation 0.9.4",
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
"core_test_support",
Use codex-linux-sandbox in unified exec (#6480) Unified exec isn't working on Linux because we don't provide the correct arg0. The library we use for pty management doesn't allow setting arg0 separately from executable. Use the same aliasing strategy we use for `apply_patch` for `codex-linux-sandbox`. Use `#[ctor]` hack to dispatch codex-linux-sandbox calls. Addresses https://github.com/openai/codex/issues/6450
2025-11-10 17:17:09 -08:00
"ctor 0.5.0",
fix: remove dependency on expanduser crate (#667) In putting up https://github.com/openai/codex/pull/665, I discovered that the `expanduser` crate does not compile on Windows. Looking into it, we do not seem to need it because we were only using it with a value that was passed in via a command-line flag, so the shell expands `~` for us before we see it, anyway. (I changed the type in `Cli` from `String` to `PathBuf`, to boot.) If we do need this sort of functionality in the future, https://docs.rs/shellexpand/latest/shellexpand/fn.tilde.html seems promising.
2025-04-25 14:20:21 -07:00
"dirs",
canonicalize display of Agents.md paths on Windows. (#4577) Canonicalize path on Windows to - remove unattractive path prefixes such as `\\?\` - simplify it (`../AGENTS.md` vs `C:\Users\iceweasel\code\coded\Agents.md`) before: <img width="1110" height="45" alt="Screenshot 2025-10-01 123520" src="https://github.com/user-attachments/assets/48920ae6-d89c-41b8-b4ea-df5c18fb5fad" /> after: <img width="585" height="46" alt="Screenshot 2025-10-01 123612" src="https://github.com/user-attachments/assets/70a1761a-9d97-4836-b14c-670b6f13e608" />
2025-10-01 14:33:19 -07:00
"dunce",
Fix: Improve text encoding for shell output in VSCode preview (#6178) (#6182) ## 🐛 Problem Users running commands with non-ASCII characters (like Russian text "пример") in Windows/WSL environments experience garbled text in VSCode's shell preview window, with Unicode replacement characters (�) appearing instead of the actual text. **Issue**: https://github.com/openai/codex/issues/6178 ## 🔧 Root Cause The issue was in `StreamOutput<Vec<u8>>::from_utf8_lossy()` method in `codex-rs/core/src/exec.rs`, which used `String::from_utf8_lossy()` to convert shell output bytes to strings. This function immediately replaces any invalid UTF-8 byte sequences with replacement characters, without attempting to decode using other common encodings. In Windows/WSL environments, shell output often uses encodings like: - Windows-1252 (common Windows encoding) - Latin-1/ISO-8859-1 (extended ASCII) ## 🛠️ Solution Replaced the simple `String::from_utf8_lossy()` call with intelligent encoding detection via a new `bytes_to_string_smart()` function that tries multiple encoding strategies: 1. **UTF-8** (fast path for valid UTF-8) 2. **Windows-1252** (handles Windows-specific characters in 0x80-0x9F range) 3. **Latin-1** (fallback for extended ASCII) 4. **Lossy UTF-8** (final fallback, same as before) ## 📁 Changes ### New Files - `codex-rs/core/src/text_encoding.rs` - Smart encoding detection module - `codex-rs/core/tests/suite/text_encoding_fix.rs` - Integration tests ### Modified Files - `codex-rs/core/src/lib.rs` - Added text_encoding module - `codex-rs/core/src/exec.rs` - Updated StreamOutput::from_utf8_lossy() - `codex-rs/core/tests/suite/mod.rs` - Registered new test module ## ✅ Testing - **5 unit tests** covering UTF-8, Windows-1252, Latin-1, and fallback scenarios - **2 integration tests** simulating the exact Issue #6178 scenario - **Demonstrates improvement** over the previous `String::from_utf8_lossy()` approach All tests pass: ```bash cargo test -p codex-core text_encoding cargo test -p codex-core test_shell_output_encoding_issue_6178 ``` ## 🎯 Impact - ✅ **Eliminates garbled text** in VSCode shell preview for non-ASCII content - ✅ **Supports Windows/WSL environments** with proper encoding detection - ✅ **Zero performance impact** for UTF-8 text (fast path) - ✅ **Backward compatible** - UTF-8 content works exactly as before - ✅ **Handles edge cases** with robust fallback mechanism ## 🧪 Test Scenarios The fix has been tested with: - Russian text ("пример") - Windows-1252 quotation marks (""test") - Latin-1 accented characters ("café") - Mixed encoding content - Invalid byte sequences (graceful fallback) ## 📋 Checklist - [X] Addresses the reported issue - [X] Includes comprehensive tests - [X] Maintains backward compatibility - [X] Follows project coding conventions - [X] No breaking changes --------- Co-authored-by: Josh McKinney <joshka@openai.com>
2025-11-21 03:04:11 +08:00
"encoding_rs",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"env-flags",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"escargot",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"eventsource-stream",
"futures",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
feat: image resizing (#5446) Add image resizing on the client side to reduce load on the API
2025-10-27 16:58:10 +00:00
"image",
Support SYSTEM skills. (#8220) 1. Remove PUBLIC skills and introduce SYSTEM skills embedded in the binary and installed into $CODEX_HOME/skills/.system at startup. 2. Skills are now always enabled (feature flag removed). 3. Update skills/list to accept forceReload and plumb it through (not used by clients yet).
2025-12-17 18:48:28 -08:00
"include_dir",
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
"indexmap 2.12.0",
[Auth] Add keyring support for Codex CLI (#5591) Follow-up PR to #5569. Add Keyring Support for Auth Storage in Codex CLI as well as a hybrid mode (default to persisting in keychain but fall back to file when unavailable.) It also refactors out the keyringstore implementation from rmcp-client [here](https://github.com/openai/codex/blob/main/codex-rs/rmcp-client/src/oauth.rs) to a new keyring-store crate. There will be a follow-up that picks the right credential mode depending on the config, instead of hardcoding `AuthCredentialsStoreMode::File`.
2025-10-27 12:10:11 -07:00
"keyring",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"landlock",
fix: use PR_SET_PDEATHSIG so to ensure child processes are killed in a timely manner (#1626) Some users have reported issues where child processes are not cleaned up after Codex exits (e.g., https://github.com/openai/codex/issues/1570). This is generally a tricky issue on operating systems: if a parent process receives `SIGKILL`, then it terminates immediately and cannot communicate with the child. **It only helps on Linux**, but this PR introduces the use of `prctl(2)` so that if the parent process dies, `SIGTERM` will be delivered to the child process. Whereas previously, I believe that if Codex spawned a long-running process (like `tsc --watch`) and the Codex process received `SIGKILL`, the `tsc --watch` process would be reparented to the init process and would never be killed. Now with the use of `prctl(2)`, the `tsc --watch` process should receive `SIGTERM` in that scenario. We still need to come up with a solution for macOS. I've started to look at `launchd`, but I'm researching a number of options.
2025-07-22 00:41:27 -07:00
"libc",
feat: introduce support for shell_environment_policy in config.toml (#1061) To date, when handling `shell` and `local_shell` tool calls, we were spawning new processes using the environment inherited from the Codex process itself. This means that the sensitive `OPENAI_API_KEY` that Codex needs to talk to OpenAI models was made available to everything run by `shell` and `local_shell`. While there are cases where that might be useful, it does not seem like a good default. This PR introduces a complex `shell_environment_policy` config option to control the `env` used with these tool calls. It is inevitably a bit complex so that it is possible to override individual components of the policy so without having to restate the entire thing. Details are in the updated `README.md` in this PR, but here is the relevant bit that explains the individual fields of `shell_environment_policy`: | Field | Type | Default | Description | | ------------------------- | -------------------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | | `inherit` | string | `core` | Starting template for the environment:<br>`core` (`HOME`, `PATH`, `USER`, …), `all` (clone full parent env), or `none` (start empty). | | `ignore_default_excludes` | boolean | `false` | When `false`, Codex removes any var whose **name** contains `KEY`, `SECRET`, or `TOKEN` (case-insensitive) before other rules run. | | `exclude` | array&lt;string&gt; | `[]` | Case-insensitive glob patterns to drop after the default filter.<br>Examples: `"AWS_*"`, `"AZURE_*"`. | | `set` | table&lt;string,string&gt; | `{}` | Explicit key/value overrides or additions – always win over inherited values. | | `include_only` | array&lt;string&gt; | `[]` | If non-empty, a whitelist of patterns; only variables that match _one_ pattern survive the final step. (Generally used with `inherit = "all"`.) | In particular, note that the default is `inherit = "core"`, so: * if you have extra env variables that you want to inherit from the parent process, use `inherit = "all"` and then specify `include_only` * if you have extra env variables where you want to hardcode the values, the default `inherit = "core"` will work fine, but then you need to specify `set` This configuration is not battle-tested, so we will probably still have to play with it a bit. `core/src/exec_env.rs` has the critical business logic as well as unit tests. Though if nothing else, previous to this change: ``` $ cargo run --bin codex -- debug seatbelt -- printenv OPENAI_API_KEY # ...prints OPENAI_API_KEY... ``` But after this change it does not print anything (as desired). One final thing to call out about this PR is that the `configure_command!` macro we use in `core/src/exec.rs` has to do some complex logic with respect to how it builds up the `env` for the process being spawned under Landlock/seccomp. Specifically, doing `cmd.env_clear()` followed by `cmd.envs(&$env_map)` (which is arguably the most intuitive way to do it) caused the Landlock unit tests to fail because the processes spawned by the unit tests started failing in unexpected ways! If we forgo `env_clear()` in favor of updating env vars one at a time, the tests still pass. The comment in the code talks about this a bit, and while I would like to investigate this more, I need to move on for the moment, but I do plan to come back to it to fully understand what is going on. For example, this suggests that we might not be able to spawn a C program that calls `env_clear()`, which would be...weird. We may still have to fiddle with our Landlock config if that is the case.
2025-05-22 09:51:19 -07:00
"maplit",
feat: support mcp_servers in config.toml (#829) This adds initial support for MCP servers in the style of Claude Desktop and Cursor. Note this PR is the bare minimum to get things working end to end: all configured MCP servers are launched every time Codex is run, there is no recovery for MCP servers that crash, etc. (Also, I took some shortcuts to change some fields of `Session` to be `pub(crate)`, which also means there are circular deps between `codex.rs` and `mcp_tool_call.rs`, but I will clean that up in a subsequent PR.) `codex-rs/README.md` is updated as part of this PR to explain how to use this feature. There is a bit of plumbing to route the new settings from `Config` to the business logic in `codex.rs`. The most significant chunks for new code are in `mcp_connection_manager.rs` (which defines the `McpConnectionManager` struct) and `mcp_tool_call.rs`, which is responsible for tool calls. This PR also introduces new `McpToolCallBegin` and `McpToolCallEnd` event types to the protocol, but does not add any handlers for them. (See https://github.com/openai/codex/pull/836 for initial usage.) To test, I added the following to my `~/.codex/config.toml`: ```toml # Local build of https://github.com/hideya/mcp-server-weather-js [mcp_servers.weather] command = "/Users/mbolin/code/mcp-server-weather-js/dist/index.js" args = [] ``` And then I ran the following: ``` codex-rs$ cargo run --bin codex exec 'what is the weather in san francisco' [2025-05-06T22:40:05] Task started: 1 [2025-05-06T22:40:18] Agent message: Here’s the latest National Weather Service forecast for San Francisco (downtown, near 37.77° N, 122.42° W): This Afternoon (Tue): • Sunny, high near 69 °F • West-southwest wind around 12 mph Tonight: • Partly cloudy, low around 52 °F • SW wind 7–10 mph ... ``` Note that Codex itself is not able to make network calls, so it would not normally be able to get live weather information like this. However, the weather MCP is [currently] not run under the Codex sandbox, so it is able to hit `api.weather.gov` and fetch current weather information. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/829). * #836 * __->__ #829
2025-05-06 15:47:59 -07:00
"mcp-types",
Windows: flag some invocations that launch browsers/URLs as dangerous (#7111) Prevent certain Powershell/cmd invocations from reaching the sandbox when they are trying to launch a browser, or run a command with a URL, etc.
2025-11-21 13:36:17 -08:00
"once_cell",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"openssl-sys",
Set user-agent (#2230) Use the same well-defined value in all cases when sending user-agent header
2025-08-12 09:40:04 -07:00
"os_info",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"predicates",
feat: introduce --profile for Rust CLI (#921) This introduces a much-needed "profile" concept where users can specify a collection of options under one name and then pass that via `--profile` to the CLI. This PR introduces the `ConfigProfile` struct and makes it a field of `CargoToml`. It further updates `Config::load_from_base_config_with_overrides()` to respect `ConfigProfile`, overriding default values where appropriate. A detailed unit test is added at the end of `config.rs` to verify this behavior. Details on how to use this feature have also been added to `codex-rs/README.md`.
2025-05-13 16:52:52 -07:00
"pretty_assertions",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"rand 0.9.2",
Windows: flag some invocations that launch browsers/URLs as dangerous (#7111) Prevent certain Powershell/cmd invocations from reaching the sandbox when they are trying to launch a browser, or run a command with a URL, etc.
2025-11-21 13:36:17 -08:00
"regex",
Set user-agent (#2230) Use the same well-defined value in all cases when sending user-agent header
2025-08-12 09:40:04 -07:00
"regex-lite",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"reqwest",
"seccompiler",
"serde",
"serde_json",
feat: experimental support for skills.md (#7412) This change prototypes support for Skills with the CLI. This is an **experimental** feature for internal testing. --------- Co-authored-by: Gav Verma <gverma@openai.com>
2025-12-01 20:22:35 -08:00
"serde_yaml",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"serial_test",
fix: trim MCP tool names to fit into tool name length limit (#1571) Store fully qualified names along with tool entries so we don't have to re-parse them. Fixes: https://github.com/openai/codex/issues/1289
2025-07-17 11:35:38 -07:00
"sha1",
[Auth] Add keyring support for Codex CLI (#5591) Follow-up PR to #5569. Add Keyring Support for Auth Storage in Codex CLI as well as a hybrid mode (default to persisting in keychain but fall back to file when unavailable.) It also refactors out the keyringstore implementation from rmcp-client [here](https://github.com/openai/codex/blob/main/codex-rs/rmcp-client/src/oauth.rs) to a new keyring-store crate. There will be a follow-up that picks the right credential mode depending on the config, instead of hardcoding `AuthCredentialsStoreMode::File`.
2025-10-27 12:10:11 -07:00
"sha2",
Optionally run using user profile (#1678)
2025-07-25 11:45:23 -07:00
"shlex",
Add a TurnDiffTracker to create a unified diff for an entire turn (#1770) This lets us show an accumulating diff across all patches in a turn. Refer to the docs for TurnDiffTracker for implementation details. There are multiple ways this could have been done and this felt like the right tradeoff between reliability and completeness: *Pros* * It will pick up all changes to files that the model touched including if they prettier or another command that updates them. * It will not pick up changes made by the user or other agents to files it didn't modify. *Cons* * It will pick up changes that the user made to a file that the model also touched * It will not pick up changes to codegen or files that were not modified with apply_patch
2025-08-04 08:57:04 -07:00
"similar",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tempfile",
chore(core) Consolidate apply_patch tests (#6545) ## Summary Consolidates our apply_patch tests into one suite, and ensures each test case tests the various ways the harness supports apply_patch: 1. Freeform custom tool call 2. JSON function tool 3. Simple shell call 4. Heredoc shell call There are a few test cases that are specific to a particular variant, I've left those alone. ## Testing - [x] This adds a significant number of tests
2025-11-13 15:52:39 -08:00
"test-case",
Support graceful agent interruption (#5287)
2025-10-17 11:52:57 -07:00
"test-log",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
feat: save session transcripts when using Rust CLI (#845) This adds support for saving transcripts when using the Rust CLI. Like the TypeScript CLI, it saves the transcript to `~/.codex/sessions`, though it uses JSONL for the file format (and `.jsonl` for the file extension) so that even if Codex crashes, what was written to the `.jsonl` file should generally still be valid JSONL content.
2025-05-07 13:49:15 -07:00
"time",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tokio",
"tokio-util",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"toml 0.9.5",
replace tui_markdown with a custom markdown renderer (#3396) Also, simplify the streaming behavior. This fixes a number of display issues with streaming markdown, and paves the way for better markdown features (e.g. customizable styles, syntax highlighting, markdown-aware wrapping). Not currently supported: - footnotes - tables - reference-style links
2025-09-10 12:13:53 -07:00
"toml_edit",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tracing",
[codex] add otel tracing (#7844)
2025-12-12 17:07:17 -08:00
"tracing-subscriber",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"tracing-test",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tree-sitter",
"tree-sitter-bash",
Windows: flag some invocations that launch browsers/URLs as dangerous (#7111) Prevent certain Powershell/cmd invocations from reaching the sandbox when they are trying to launch a browser, or run a command with a URL, etc.
2025-11-21 13:36:17 -08:00
"url",
feat: save session transcripts when using Rust CLI (#845) This adds support for saving transcripts when using the Rust CLI. Like the TypeScript CLI, it saves the transcript to `~/.codex/sessions`, though it uses JSONL for the file format (and `.jsonl` for the file extension) so that even if Codex crashes, what was written to the `.jsonl` file should generally still be valid JSONL content.
2025-05-07 13:49:15 -07:00
"uuid",
Storing the sessions in a more organized way for easier look up. (#1596) now storing the sessions in `~/.codex/sessions/YYYY/MM/DD/<file>`
2025-07-17 10:12:15 -07:00
"walkdir",
Bridge command generation to powershell when on Windows (#2319) ## What? Why? How? - When running on Windows, codex often tries to invoke bash commands, which commonly fail (unless WSL is installed) - Fix: Detect if powershell is available and, if so, route commands to it - Also add a shell_name property to environmental context for codex to default to powershell commands when running in that environment ## Testing - Tested within WSL and powershell (e.g. get top 5 largest files within a folder and validated that commands generated were powershell commands) - Tested within Zsh - Updated unit tests --------- Co-authored-by: Eddy Escardo <eddy@openai.com>
2025-08-20 16:30:34 -07:00
"which",
feat: introduce support for shell_environment_policy in config.toml (#1061) To date, when handling `shell` and `local_shell` tool calls, we were spawning new processes using the environment inherited from the Codex process itself. This means that the sensitive `OPENAI_API_KEY` that Codex needs to talk to OpenAI models was made available to everything run by `shell` and `local_shell`. While there are cases where that might be useful, it does not seem like a good default. This PR introduces a complex `shell_environment_policy` config option to control the `env` used with these tool calls. It is inevitably a bit complex so that it is possible to override individual components of the policy so without having to restate the entire thing. Details are in the updated `README.md` in this PR, but here is the relevant bit that explains the individual fields of `shell_environment_policy`: | Field | Type | Default | Description | | ------------------------- | -------------------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | | `inherit` | string | `core` | Starting template for the environment:<br>`core` (`HOME`, `PATH`, `USER`, …), `all` (clone full parent env), or `none` (start empty). | | `ignore_default_excludes` | boolean | `false` | When `false`, Codex removes any var whose **name** contains `KEY`, `SECRET`, or `TOKEN` (case-insensitive) before other rules run. | | `exclude` | array&lt;string&gt; | `[]` | Case-insensitive glob patterns to drop after the default filter.<br>Examples: `"AWS_*"`, `"AZURE_*"`. | | `set` | table&lt;string,string&gt; | `{}` | Explicit key/value overrides or additions – always win over inherited values. | | `include_only` | array&lt;string&gt; | `[]` | If non-empty, a whitelist of patterns; only variables that match _one_ pattern survive the final step. (Generally used with `inherit = "all"`.) | In particular, note that the default is `inherit = "core"`, so: * if you have extra env variables that you want to inherit from the parent process, use `inherit = "all"` and then specify `include_only` * if you have extra env variables where you want to hardcode the values, the default `inherit = "core"` will work fine, but then you need to specify `set` This configuration is not battle-tested, so we will probably still have to play with it a bit. `core/src/exec_env.rs` has the critical business logic as well as unit tests. Though if nothing else, previous to this change: ``` $ cargo run --bin codex -- debug seatbelt -- printenv OPENAI_API_KEY # ...prints OPENAI_API_KEY... ``` But after this change it does not print anything (as desired). One final thing to call out about this PR is that the `configure_command!` macro we use in `core/src/exec.rs` has to do some complex logic with respect to how it builds up the `env` for the process being spawned under Landlock/seccomp. Specifically, doing `cmd.env_clear()` followed by `cmd.envs(&$env_map)` (which is arguably the most intuitive way to do it) caused the Landlock unit tests to fail because the processes spawned by the unit tests started failing in unexpected ways! If we forgo `env_clear()` in favor of updating env vars one at a time, the tests still pass. The comment in the code talks about this a bit, and while I would like to investigate this more, I need to move on for the moment, but I do plan to come back to it to fully understand what is going on. For example, this suggests that we might not be able to spawn a C program that calls `env_clear()`, which would be...weird. We may still have to fiddle with our Landlock config if that is the case.
2025-05-22 09:51:19 -07:00
"wildmatch",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"wiremock",
]
[[package]]
name = "codex-exec"
chore: script to create a Rust release (#759) For now, keep things simple such that we never update the `version` in the `Cargo.toml` for the workspace root on the `main` branch. Instead, create a new branch for a release, push one commit that updates the `version`, and then tag that branch to kick off a release. To test, I ran this script and created this release job: https://github.com/openai/codex/actions/runs/14762580641
2025-04-30 12:39:03 -07:00
version = "0.0.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"anyhow",
fix: support special --codex-run-as-apply-patch arg (#1702) This introduces some special behavior to the CLIs that are using the `codex-arg0` crate where if `arg1` is `--codex-run-as-apply-patch`, then it will run as if `apply_patch arg2` were invoked. This is important because it means we can do things like: ``` SANDBOX_TYPE=landlock # or seatbelt for macOS codex debug "${SANDBOX_TYPE}" -- codex --codex-run-as-apply-patch PATCH ``` which gives us a way to run `apply_patch` while ensuring it adheres to the sandbox the user specified. While it would be nice to use the `arg0` trick like we are currently doing for `codex-linux-sandbox`, there is no way to specify the `arg0` for the underlying command when running under `/usr/bin/sandbox-exec`, so it will not work for us in this case. Admittedly, we could have also supported this via a custom environment variable (e.g., `CODEX_ARG0`), but since environment variables are inherited by child processes, that seemed like a potentially leakier abstraction. This change, as well as our existing reliance on checking `arg0`, place additional requirements on those who include `codex-core`. Its `README.md` has been updated to reflect this. While we could have just added an `apply-patch` subcommand to the `codex` multitool CLI, that would not be sufficient for the standalone `codex-exec` CLI, which is something that we distribute as part of our GitHub releases for those who know they will not be using the TUI and therefore prefer to use a slightly smaller executable: https://github.com/openai/codex/releases/tag/rust-v0.10.0 To that end, this PR adds an integration test to ensure that the `--codex-run-as-apply-patch` option works with the standalone `codex-exec` CLI. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/1702). * #1705 * #1703 * __->__ #1702 * #1698 * #1697
2025-07-28 09:26:44 -07:00
"assert_cmd",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"clap",
fix: move arg0 handling out of codex-linux-sandbox and into its own crate (#1697)
2025-07-28 08:31:24 -07:00
"codex-arg0",
chore: introduce codex-common crate (#843) I started this PR because I wanted to share the `format_duration()` utility function in `codex-rs/exec/src/event_processor.rs` with the TUI. The question was: where to put it? `core` should have as few dependencies as possible, so moving it there would introduce a dependency on `chrono`, which seemed undesirable. `core` already had this `cli` feature to deal with a similar situation around sharing common utility functions, so I decided to: * make `core` feature-free * introduce `common` * `common` can have as many "special interest" features as it needs, each of which can declare their own deps * the first two features of common are `cli` and `elapsed` In practice, this meant updating a number of `Cargo.toml` files, replacing this line: ```toml codex-core = { path = "../core", features = ["cli"] } ``` with these: ```toml codex-core = { path = "../core" } codex-common = { path = "../common", features = ["cli"] } ``` Moving `format_duration()` into its own file gave it some "breathing room" to add a unit test, so I had Codex generate some tests and new support for durations over 1 minute.
2025-05-06 17:38:56 -07:00
"codex-common",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"codex-core",
chore: move mcp-server/src/wire_format.rs to protocol/src/mcp_protocol.rs (#2423) The existing `wire_format.rs` should share more types with the `codex-protocol` crate (like `AskForApproval` instead of maintaining a parallel `CodexToolCallApprovalPolicy` enum), so this PR moves `wire_format.rs` into `codex-protocol`, renaming it as `mcp-protocol.rs`. We also de-dupe types, where appropriate. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2423). * #2424 * __->__ #2423
2025-08-18 09:36:57 -07:00
"codex-protocol",
fix: introduce AbsolutePathBuf as part of sandbox config (#7856) Changes the `writable_roots` field of the `WorkspaceWrite` variant of the `SandboxPolicy` enum from `Vec<PathBuf>` to `Vec<AbsolutePathBuf>`. This is helpful because now callers can be sure the value is an absolute path rather than a relative one. (Though when using an absolute path in a Seatbelt config policy, we still have to _canonicalize_ it first.) Because `writable_roots` can be read from a config file, it is important that we are able to resolve relative paths properly using the parent folder of the config file as the base path.
2025-12-12 15:25:22 -08:00
"codex-utils-absolute-path",
[tools] Add apply_patch tool (#2303) ## Summary We've been seeing a number of issues and reports with our synthetic `apply_patch` tool, e.g. #802. Let's make this a real tool - in my anecdotal testing, it's critical for GPT-OSS models, but I'd like to make it the standard across GPT-5 and codex models as well. ## Testing - [x] Tested locally - [x] Integration test
2025-08-15 11:55:53 -04:00
"core_test_support",
Fix AF_UNIX, sockpair, recvfrom in linux sandbox (#2309) When using codex-tui on a linux system I was unable to run `cargo clippy` inside of codex due to: ``` [pid 3548377] socketpair(AF_UNIX, SOCK_SEQPACKET|SOCK_CLOEXEC, 0, <unfinished ...> [pid 3548370] close(8 <unfinished ...> [pid 3548377] <... socketpair resumed>0x7ffb97f4ed60) = -1 EPERM (Operation not permitted) ``` And ``` 3611300 <... recvfrom resumed>0x708b8b5cffe0, 8, 0, NULL, NULL) = -1 EPERM (Operation not permitted) ``` This PR: * Fixes a bug that disallowed AF_UNIX to allow it on `socket()` * Adds recvfrom() to the syscall allow list, this should be fine since we disable opening new sockets. But we should validate there is not a open socket inheritance issue. * Allow socketpair to be called for AF_UNIX * Adds tests for AF_UNIX components * All of which allows running `cargo clippy` within the sandbox on linux, and possibly other tooling using a fork server model + AF_UNIX comms.
2025-08-14 17:12:41 -07:00
"libc",
Add MCP tool call item to codex exec (#4481) No arguments/results for now. ``` { "type": "item.started", "item": { "id": "item_1", "item_type": "mcp_tool_call", "server": "github", "tool": "search_issues", "status": "in_progress" } } { "type": "item.completed", "item": { "id": "item_1", "item_type": "mcp_tool_call", "server": "github", "tool": "search_issues", "status": "completed" } } ```
2025-09-29 19:45:11 -07:00
"mcp-types",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"owo-colors",
fix: support special --codex-run-as-apply-patch arg (#1702) This introduces some special behavior to the CLIs that are using the `codex-arg0` crate where if `arg1` is `--codex-run-as-apply-patch`, then it will run as if `apply_patch arg2` were invoked. This is important because it means we can do things like: ``` SANDBOX_TYPE=landlock # or seatbelt for macOS codex debug "${SANDBOX_TYPE}" -- codex --codex-run-as-apply-patch PATCH ``` which gives us a way to run `apply_patch` while ensuring it adheres to the sandbox the user specified. While it would be nice to use the `arg0` trick like we are currently doing for `codex-linux-sandbox`, there is no way to specify the `arg0` for the underlying command when running under `/usr/bin/sandbox-exec`, so it will not work for us in this case. Admittedly, we could have also supported this via a custom environment variable (e.g., `CODEX_ARG0`), but since environment variables are inherited by child processes, that seemed like a potentially leakier abstraction. This change, as well as our existing reliance on checking `arg0`, place additional requirements on those who include `codex-core`. Its `README.md` has been updated to reflect this. While we could have just added an `apply-patch` subcommand to the `codex` multitool CLI, that would not be sufficient for the standalone `codex-exec` CLI, which is something that we distribute as part of our GitHub releases for those who know they will not be using the TUI and therefore prefer to use a slightly smaller executable: https://github.com/openai/codex/releases/tag/rust-v0.10.0 To that end, this PR adds an integration test to ensure that the `--codex-run-as-apply-patch` option works with the standalone `codex-exec` CLI. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/1702). * #1705 * #1703 * __->__ #1702 * #1698 * #1697
2025-07-28 09:26:44 -07:00
"predicates",
Add explicit codex exec events (#4177) This pull request add a new experimental format of JSON output. You can try it using `codex exec --experimental-json`. Design takes a lot of inspiration from Responses API items and stream format. # Session and items Each invocation of `codex exec` starts or resumes a session. Session contains multiple high-level item types: 1. Assistant message 2. Assistant thinking 3. Command execution 4. File changes 5. To-do lists 6. etc. # Events Session and items are going through their life cycles which is represented by events. Session is `session.created` or `session.resumed` Items are `item.added`, `item.updated`, `item.completed`, `item.require_approval` (or other item types like `item.output_delta` when we need streaming). So a typical session can look like: <details> ``` { "type": "session.created", "session_id": "01997dac-9581-7de3-b6a0-1df8256f2752" } { "type": "item.completed", "item": { "id": "itm_0", "item_type": "assistant_message", "text": "I’ll locate the top-level README and remove its first line. Then I’ll show a quick summary of what changed." } } { "type": "item.completed", "item": { "id": "itm_1", "item_type": "command_execution", "command": "bash -lc ls -la | sed -n '1,200p'", "aggregated_output": "pyenv: cannot rehash: /Users/pakrym/.pyenv/shims isn't writable\ntotal 192\ndrwxr-xr-x@ 33 pakrym staff 1056 Sep 24 14:36 .\ndrwxr-xr-x 41 pakrym staff 1312 Sep 24 09:17 ..\n-rw-r--r--@ 1 pakrym staff 6 Jul 9 16:16 .codespellignore\n-rw-r--r--@ 1 pakrym staff 258 Aug 13 09:40 .codespellrc\ndrwxr-xr-x@ 5 pakrym staff 160 Jul 23 08:26 .devcontainer\n-rw-r--r--@ 1 pakrym staff 6148 Jul 22 10:03 .DS_Store\ndrwxr-xr-x@ 15 pakrym staff 480 Sep 24 14:38 .git\ndrwxr-xr-x@ 12 pakrym staff 384 Sep 2 16:00 .github\n-rw-r--r--@ 1 pakrym staff 778 Jul 9 16:16 .gitignore\ndrwxr-xr-x@ 3 pakrym staff 96 Aug 11 09:37 .husky\n-rw-r--r--@ 1 pakrym staff 104 Jul 9 16:16 .npmrc\n-rw-r--r--@ 1 pakrym staff 96 Sep 2 08:52 .prettierignore\n-rw-r--r--@ 1 pakrym staff 170 Jul 9 16:16 .prettierrc.toml\ndrwxr-xr-x@ 5 pakrym staff 160 Sep 14 17:43 .vscode\ndrwxr-xr-x@ 2 pakrym staff 64 Sep 11 11:37 2025-09-11\n-rw-r--r--@ 1 pakrym staff 5505 Sep 18 09:28 AGENTS.md\n-rw-r--r--@ 1 pakrym staff 92 Sep 2 08:52 CHANGELOG.md\n-rw-r--r--@ 1 pakrym staff 1145 Jul 9 16:16 cliff.toml\ndrwxr-xr-x@ 11 pakrym staff 352 Sep 24 13:03 codex-cli\ndrwxr-xr-x@ 38 pakrym staff 1216 Sep 24 14:38 codex-rs\ndrwxr-xr-x@ 18 pakrym staff 576 Sep 23 11:01 docs\n-rw-r--r--@ 1 pakrym staff 2038 Jul 9 16:16 flake.lock\n-rw-r--r--@ 1 pakrym staff 1434 Jul 9 16:16 flake.nix\n-rw-r--r--@ 1 pakrym staff 10926 Jul 9 16:16 LICENSE\ndrwxr-xr-x@ 465 pakrym staff 14880 Jul 15 07:36 node_modules\n-rw-r--r--@ 1 pakrym staff 242 Aug 5 08:25 NOTICE\n-rw-r--r--@ 1 pakrym staff 578 Aug 14 12:31 package.json\n-rw-r--r--@ 1 pakrym staff 498 Aug 11 09:37 pnpm-lock.yaml\n-rw-r--r--@ 1 pakrym staff 58 Aug 11 09:37 pnpm-workspace.yaml\n-rw-r--r--@ 1 pakrym staff 2402 Jul 9 16:16 PNPM.md\n-rw-r--r--@ 1 pakrym staff 4393 Sep 12 14:36 README.md\ndrwxr-xr-x@ 4 pakrym staff 128 Sep 18 09:28 scripts\ndrwxr-xr-x@ 2 pakrym staff 64 Sep 11 11:34 tmp\n", "exit_code": 0, "status": "completed" } } { "type": "item.completed", "item": { "id": "itm_2", "item_type": "reasoning", "text": "**Reviewing README.md file**\n\nI've located the README.md file at the root, and it’s 4393 bytes. Now, I need to remove the first line, but first, I should check its content to make sure I’m patching it correctly. I’ll use sed to display the first 20 lines. By reviewing those lines, I can determine exactly what needs to be removed before I proceed with the editing. Let's do this carefully!" } } { "type": "item.completed", "item": { "id": "itm_3", "item_type": "command_execution", "command": "bash -lc sed -n '1,40p' README.md", "aggregated_output": "<h1 align=\"center\">OpenAI Codex CLI</h1>\n\n<p align=\"center\"><code>npm i -g @openai/codex</code><br />or <code>brew install codex</code></p>\n\n<p align=\"center\"><strong>Codex CLI</strong> is a coding agent from OpenAI that runs locally on your computer.\n</br>\n</br>If you want Codex in your code editor (VS Code, Cursor, Windsurf), <a href=\"https://developers.openai.com/codex/ide\">install in your IDE</a>\n</br>If you are looking for the <em>cloud-based agent</em> from OpenAI, <strong>Codex Web</strong>, go to <a href=\"https://chatgpt.com/codex\">chatgpt.com/codex</a></p>\n\n<p align=\"center\">\n <img src=\"./.github/codex-cli-splash.png\" alt=\"Codex CLI splash\" width=\"80%\" />\n </p>\n\n---\n\n## Quickstart\n\n### Installing and running Codex CLI\n\nInstall globally with your preferred package manager. If you use npm:\n\n```shell\nnpm install -g @openai/codex\n```\n\nAlternatively, if you use Homebrew:\n\n```shell\nbrew install codex\n```\n\nThen simply run `codex` to get started:\n\n```shell\ncodex\n```\n\n<details>\n<summary>You can also go to the <a href=\"https://github.com/openai/codex/releases/latest\">latest GitHub Release</a> and download the appropriate binary for your platform.</summary>\n\n", "exit_code": 0, "status": "completed" } } { "type": "item.completed", "item": { "id": "itm_4", "item_type": "reasoning", "text": "**Updating README file**\n\nThe user wants to update the README by removing the first line, which is an HTML h1 tag. I'll proceed to delete that line while keeping the rest intact. To do this, I need to use the apply_patch tool and create a patch in the diff format. I’ll take care to include context lines around the change. After removing the header, I’m considering whether to delete the following blank line as well to keep it tidy." } } { "type": "item.completed", "item": { "id": "itm_5", "item_type": "reasoning", "text": "**Crafting the patch**\n\nThe user has asked to remove just the first line, without mentioning the blank lines. Technically, leaving a blank line at the start is acceptable, but it's not ideal. Ideally, I'd prefer to remove the first line while maintaining the subsequent blank line. However, if I can also remove that blank line, it could tidy things up even more. Still, since the user's request is strictly to remove only the first line, I'll stick to that and craft the patch accordingly." } } { "type": "item.completed", "item": { "id": "itm_6", "item_type": "assistant_message", "text": "Applying the change by removing the first line from `README.md`." } } { "type": "item.completed", "item": { "id": "itm_7", "item_type": "file_change", "changes": [ { "path": "/Users/pakrym/code/codex/README.md", "kind": "update" } ], "status": "completed" } } { "type": "item.completed", "item": { "id": "itm_8", "item_type": "reasoning", "text": "**Validating README Update**\n\nI updated the README.md and now I need to validate that the first line has been successfully removed. To do this, I'll check the first 10 lines of the document to ensure everything looks correct. It’s always good to double-check these kinds of changes, so I’m going to take that extra step to make sure the update was executed properly. Let's see what those initial lines say!" } } { "type": "item.completed", "item": { "id": "itm_9", "item_type": "command_execution", "command": "bash -lc sed -n '1,20p' README.md", "aggregated_output": "\n<p align=\"center\"><code>npm i -g @openai/codex</code><br />or <code>brew install codex</code></p>\n\n<p align=\"center\"><strong>Codex CLI</strong> is a coding agent from OpenAI that runs locally on your computer.\n</br>\n</br>If you want Codex in your code editor (VS Code, Cursor, Windsurf), <a href=\"https://developers.openai.com/codex/ide\">install in your IDE</a>\n</br>If you are looking for the <em>cloud-based agent</em> from OpenAI, <strong>Codex Web</strong>, go to <a href=\"https://chatgpt.com/codex\">chatgpt.com/codex</a></p>\n\n<p align=\"center\">\n <img src=\"./.github/codex-cli-splash.png\" alt=\"Codex CLI splash\" width=\"80%\" />\n </p>\n\n---\n\n## Quickstart\n\n### Installing and running Codex CLI\n\nInstall globally with your preferred package manager. If you use npm:\n\n", "exit_code": 0, "status": "completed" } } { "type": "item.completed", "item": { "id": "itm_10", "item_type": "assistant_message", "text": "- Updated `README.md:1` by removing the opening H1 line.\n- The README now starts with the install instructions paragraph.\n\nWant me to also remove the leading blank line at the top?" } } ``` </details> The idea is to give users fully formatted items they can use directly in their rendering/application logic and avoid having them building up items manually based on events (unless they want to for streaming). This PR implements only the `item.completed` payload for some event types, more event types and item types to come. --------- Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-09-25 10:47:09 -07:00
"pretty_assertions",
"serde",
feat: show MCP tool calls in `codex exec` subcommand (#841) This is analogous to the change for the TUI in https://github.com/openai/codex/pull/836, but for `codex exec`. To test, I ran: ``` cargo run --bin codex-exec -- 'what is the weather in wellesley ma tomorrow' ``` and saw: ![image](https://github.com/user-attachments/assets/5714e07f-88c7-4dd9-aa0d-be54c1670533)
2025-05-06 16:52:43 -07:00
"serde_json",
feat: improve output of exec subcommand (#719)
2025-04-29 09:59:35 -07:00
"shlex",
cloud: status, diff, apply (#7614) Adds cli commands for getting the status of cloud tasks, and for getting/applying the diffs from same.
2025-12-05 13:39:23 -08:00
"supports-color 3.0.2",
fix: support special --codex-run-as-apply-patch arg (#1702) This introduces some special behavior to the CLIs that are using the `codex-arg0` crate where if `arg1` is `--codex-run-as-apply-patch`, then it will run as if `apply_patch arg2` were invoked. This is important because it means we can do things like: ``` SANDBOX_TYPE=landlock # or seatbelt for macOS codex debug "${SANDBOX_TYPE}" -- codex --codex-run-as-apply-patch PATCH ``` which gives us a way to run `apply_patch` while ensuring it adheres to the sandbox the user specified. While it would be nice to use the `arg0` trick like we are currently doing for `codex-linux-sandbox`, there is no way to specify the `arg0` for the underlying command when running under `/usr/bin/sandbox-exec`, so it will not work for us in this case. Admittedly, we could have also supported this via a custom environment variable (e.g., `CODEX_ARG0`), but since environment variables are inherited by child processes, that seemed like a potentially leakier abstraction. This change, as well as our existing reliance on checking `arg0`, place additional requirements on those who include `codex-core`. Its `README.md` has been updated to reflect this. While we could have just added an `apply-patch` subcommand to the `codex` multitool CLI, that would not be sufficient for the standalone `codex-exec` CLI, which is something that we distribute as part of our GitHub releases for those who know they will not be using the TUI and therefore prefer to use a slightly smaller executable: https://github.com/openai/codex/releases/tag/rust-v0.10.0 To that end, this PR adds an integration test to ensure that the `--codex-run-as-apply-patch` option works with the standalone `codex-exec` CLI. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/1702). * #1705 * #1703 * __->__ #1702 * #1698 * #1697
2025-07-28 09:26:44 -07:00
"tempfile",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tokio",
"tracing",
"tracing-subscriber",
Add explicit codex exec events (#4177) This pull request add a new experimental format of JSON output. You can try it using `codex exec --experimental-json`. Design takes a lot of inspiration from Responses API items and stream format. # Session and items Each invocation of `codex exec` starts or resumes a session. Session contains multiple high-level item types: 1. Assistant message 2. Assistant thinking 3. Command execution 4. File changes 5. To-do lists 6. etc. # Events Session and items are going through their life cycles which is represented by events. Session is `session.created` or `session.resumed` Items are `item.added`, `item.updated`, `item.completed`, `item.require_approval` (or other item types like `item.output_delta` when we need streaming). So a typical session can look like: <details> ``` { "type": "session.created", "session_id": "01997dac-9581-7de3-b6a0-1df8256f2752" } { "type": "item.completed", "item": { "id": "itm_0", "item_type": "assistant_message", "text": "I’ll locate the top-level README and remove its first line. Then I’ll show a quick summary of what changed." } } { "type": "item.completed", "item": { "id": "itm_1", "item_type": "command_execution", "command": "bash -lc ls -la | sed -n '1,200p'", "aggregated_output": "pyenv: cannot rehash: /Users/pakrym/.pyenv/shims isn't writable\ntotal 192\ndrwxr-xr-x@ 33 pakrym staff 1056 Sep 24 14:36 .\ndrwxr-xr-x 41 pakrym staff 1312 Sep 24 09:17 ..\n-rw-r--r--@ 1 pakrym staff 6 Jul 9 16:16 .codespellignore\n-rw-r--r--@ 1 pakrym staff 258 Aug 13 09:40 .codespellrc\ndrwxr-xr-x@ 5 pakrym staff 160 Jul 23 08:26 .devcontainer\n-rw-r--r--@ 1 pakrym staff 6148 Jul 22 10:03 .DS_Store\ndrwxr-xr-x@ 15 pakrym staff 480 Sep 24 14:38 .git\ndrwxr-xr-x@ 12 pakrym staff 384 Sep 2 16:00 .github\n-rw-r--r--@ 1 pakrym staff 778 Jul 9 16:16 .gitignore\ndrwxr-xr-x@ 3 pakrym staff 96 Aug 11 09:37 .husky\n-rw-r--r--@ 1 pakrym staff 104 Jul 9 16:16 .npmrc\n-rw-r--r--@ 1 pakrym staff 96 Sep 2 08:52 .prettierignore\n-rw-r--r--@ 1 pakrym staff 170 Jul 9 16:16 .prettierrc.toml\ndrwxr-xr-x@ 5 pakrym staff 160 Sep 14 17:43 .vscode\ndrwxr-xr-x@ 2 pakrym staff 64 Sep 11 11:37 2025-09-11\n-rw-r--r--@ 1 pakrym staff 5505 Sep 18 09:28 AGENTS.md\n-rw-r--r--@ 1 pakrym staff 92 Sep 2 08:52 CHANGELOG.md\n-rw-r--r--@ 1 pakrym staff 1145 Jul 9 16:16 cliff.toml\ndrwxr-xr-x@ 11 pakrym staff 352 Sep 24 13:03 codex-cli\ndrwxr-xr-x@ 38 pakrym staff 1216 Sep 24 14:38 codex-rs\ndrwxr-xr-x@ 18 pakrym staff 576 Sep 23 11:01 docs\n-rw-r--r--@ 1 pakrym staff 2038 Jul 9 16:16 flake.lock\n-rw-r--r--@ 1 pakrym staff 1434 Jul 9 16:16 flake.nix\n-rw-r--r--@ 1 pakrym staff 10926 Jul 9 16:16 LICENSE\ndrwxr-xr-x@ 465 pakrym staff 14880 Jul 15 07:36 node_modules\n-rw-r--r--@ 1 pakrym staff 242 Aug 5 08:25 NOTICE\n-rw-r--r--@ 1 pakrym staff 578 Aug 14 12:31 package.json\n-rw-r--r--@ 1 pakrym staff 498 Aug 11 09:37 pnpm-lock.yaml\n-rw-r--r--@ 1 pakrym staff 58 Aug 11 09:37 pnpm-workspace.yaml\n-rw-r--r--@ 1 pakrym staff 2402 Jul 9 16:16 PNPM.md\n-rw-r--r--@ 1 pakrym staff 4393 Sep 12 14:36 README.md\ndrwxr-xr-x@ 4 pakrym staff 128 Sep 18 09:28 scripts\ndrwxr-xr-x@ 2 pakrym staff 64 Sep 11 11:34 tmp\n", "exit_code": 0, "status": "completed" } } { "type": "item.completed", "item": { "id": "itm_2", "item_type": "reasoning", "text": "**Reviewing README.md file**\n\nI've located the README.md file at the root, and it’s 4393 bytes. Now, I need to remove the first line, but first, I should check its content to make sure I’m patching it correctly. I’ll use sed to display the first 20 lines. By reviewing those lines, I can determine exactly what needs to be removed before I proceed with the editing. Let's do this carefully!" } } { "type": "item.completed", "item": { "id": "itm_3", "item_type": "command_execution", "command": "bash -lc sed -n '1,40p' README.md", "aggregated_output": "<h1 align=\"center\">OpenAI Codex CLI</h1>\n\n<p align=\"center\"><code>npm i -g @openai/codex</code><br />or <code>brew install codex</code></p>\n\n<p align=\"center\"><strong>Codex CLI</strong> is a coding agent from OpenAI that runs locally on your computer.\n</br>\n</br>If you want Codex in your code editor (VS Code, Cursor, Windsurf), <a href=\"https://developers.openai.com/codex/ide\">install in your IDE</a>\n</br>If you are looking for the <em>cloud-based agent</em> from OpenAI, <strong>Codex Web</strong>, go to <a href=\"https://chatgpt.com/codex\">chatgpt.com/codex</a></p>\n\n<p align=\"center\">\n <img src=\"./.github/codex-cli-splash.png\" alt=\"Codex CLI splash\" width=\"80%\" />\n </p>\n\n---\n\n## Quickstart\n\n### Installing and running Codex CLI\n\nInstall globally with your preferred package manager. If you use npm:\n\n```shell\nnpm install -g @openai/codex\n```\n\nAlternatively, if you use Homebrew:\n\n```shell\nbrew install codex\n```\n\nThen simply run `codex` to get started:\n\n```shell\ncodex\n```\n\n<details>\n<summary>You can also go to the <a href=\"https://github.com/openai/codex/releases/latest\">latest GitHub Release</a> and download the appropriate binary for your platform.</summary>\n\n", "exit_code": 0, "status": "completed" } } { "type": "item.completed", "item": { "id": "itm_4", "item_type": "reasoning", "text": "**Updating README file**\n\nThe user wants to update the README by removing the first line, which is an HTML h1 tag. I'll proceed to delete that line while keeping the rest intact. To do this, I need to use the apply_patch tool and create a patch in the diff format. I’ll take care to include context lines around the change. After removing the header, I’m considering whether to delete the following blank line as well to keep it tidy." } } { "type": "item.completed", "item": { "id": "itm_5", "item_type": "reasoning", "text": "**Crafting the patch**\n\nThe user has asked to remove just the first line, without mentioning the blank lines. Technically, leaving a blank line at the start is acceptable, but it's not ideal. Ideally, I'd prefer to remove the first line while maintaining the subsequent blank line. However, if I can also remove that blank line, it could tidy things up even more. Still, since the user's request is strictly to remove only the first line, I'll stick to that and craft the patch accordingly." } } { "type": "item.completed", "item": { "id": "itm_6", "item_type": "assistant_message", "text": "Applying the change by removing the first line from `README.md`." } } { "type": "item.completed", "item": { "id": "itm_7", "item_type": "file_change", "changes": [ { "path": "/Users/pakrym/code/codex/README.md", "kind": "update" } ], "status": "completed" } } { "type": "item.completed", "item": { "id": "itm_8", "item_type": "reasoning", "text": "**Validating README Update**\n\nI updated the README.md and now I need to validate that the first line has been successfully removed. To do this, I'll check the first 10 lines of the document to ensure everything looks correct. It’s always good to double-check these kinds of changes, so I’m going to take that extra step to make sure the update was executed properly. Let's see what those initial lines say!" } } { "type": "item.completed", "item": { "id": "itm_9", "item_type": "command_execution", "command": "bash -lc sed -n '1,20p' README.md", "aggregated_output": "\n<p align=\"center\"><code>npm i -g @openai/codex</code><br />or <code>brew install codex</code></p>\n\n<p align=\"center\"><strong>Codex CLI</strong> is a coding agent from OpenAI that runs locally on your computer.\n</br>\n</br>If you want Codex in your code editor (VS Code, Cursor, Windsurf), <a href=\"https://developers.openai.com/codex/ide\">install in your IDE</a>\n</br>If you are looking for the <em>cloud-based agent</em> from OpenAI, <strong>Codex Web</strong>, go to <a href=\"https://chatgpt.com/codex\">chatgpt.com/codex</a></p>\n\n<p align=\"center\">\n <img src=\"./.github/codex-cli-splash.png\" alt=\"Codex CLI splash\" width=\"80%\" />\n </p>\n\n---\n\n## Quickstart\n\n### Installing and running Codex CLI\n\nInstall globally with your preferred package manager. If you use npm:\n\n", "exit_code": 0, "status": "completed" } } { "type": "item.completed", "item": { "id": "itm_10", "item_type": "assistant_message", "text": "- Updated `README.md:1` by removing the opening H1 line.\n- The README now starts with the install instructions paragraph.\n\nWant me to also remove the leading blank line at the top?" } } ``` </details> The idea is to give users fully formatted items they can use directly in their rendering/application logic and avoid having them building up items manually based on events (unless they want to for streaming). This PR implements only the `item.completed` payload for some event types, more event types and item types to come. --------- Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-09-25 10:47:09 -07:00
"ts-rs",
enable-resume (#3537) Adding the ability to resume conversations. we have one verb `resume`. Behavior: `tui`: `codex resume`: opens session picker `codex resume --last`: continue last message `codex resume <session id>`: continue conversation with `session id` `exec`: `codex resume --last`: continue last conversation `codex resume <session id>`: continue conversation with `session id` Implementation: - I added a function to find the path in `~/.codex/sessions/` with a `UUID`. This is helpful in resuming with session id. - Added the above mentioned flags - Added lots of testing
2025-09-14 19:33:19 -04:00
"uuid",
"walkdir",
[tools] Add apply_patch tool (#2303) ## Summary We've been seeing a number of issues and reports with our synthetic `apply_patch` tool, e.g. #802. Let's make this a real tool - in my anecdotal testing, it's critical for GPT-OSS models, but I'd like to make it the standard across GPT-5 and codex models as well. ## Testing - [x] Tested locally - [x] Integration test
2025-08-15 11:55:53 -04:00
"wiremock",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
exec-server (#6630)
2025-11-18 16:20:19 -08:00
[[package]]
name = "codex-exec-server"
version = "0.0.0"
dependencies = [
"anyhow",
fix: add integration tests for codex-exec-mcp-server with execpolicy (#7617) This PR introduces integration tests that run [codex-shell-tool-mcp](https://www.npmjs.com/package/@openai/codex-shell-tool-mcp) as a user would. Note that this requires running our fork of Bash, so we introduce a [DotSlash](https://dotslash-cli.com/) file for `bash` so that we can run the integration tests on multiple platforms without having to check the binaries into the repository. (As noted in the DotSlash file, it is slightly more heavyweight than necessary, which may be worth addressing as disk space in CI is limited: https://github.com/openai/codex/pull/7678.) To start, this PR adds two tests: - `list_tools()` makes the `list_tools` request to the MCP server and verifies we get the expected response - `accept_elicitation_for_prompt_rule()` defines a `prefix_rule()` with `decision="prompt"` and verifies the elicitation flow works as expected Though the `accept_elicitation_for_prompt_rule()` test **only works on Linux**, as this PR reveals that there are currently issues when running the Bash fork in a read-only sandbox on Linux. This will have to be fixed in a follow-up PR. Incidentally, getting this test run to correctly on macOS also requires a recent fix we made to `brew` that hasn't hit a mainline release yet, so getting CI green in this PR required https://github.com/openai/codex/pull/7680.
2025-12-06 22:39:38 -08:00
"assert_cmd",
fix: prepare ExecPolicy in exec-server for execpolicy2 cutover (#6888) This PR introduces an extra layer of abstraction to prepare us for the migration to execpolicy2: - introduces a new trait, `EscalationPolicy`, whose `determine_action()` method is responsible for producing the `EscalateAction` - the existing `ExecPolicy` typedef is changed to return an intermediate `ExecPolicyOutcome` instead of `EscalateAction` - the default implementation of `EscalationPolicy`, `McpEscalationPolicy`, composes `ExecPolicy` - the `ExecPolicyOutcome` includes `codex_execpolicy2::Decision`, which has a `Prompt` variant - when `McpEscalationPolicy` gets `Decision::Prompt` back from `ExecPolicy`, it prompts the user via an MCP elicitation and maps the result into an `ElicitationAction` - now that the end user can reply to an elicitation with `Decline` or `Cancel`, we introduce a new variant, `EscalateAction::Deny`, which the client handles by returning exit code `1` without running anything Note the way the elicitation is created is still not quite right, but I will fix that once we have things running end-to-end for real in a follow-up PR.
2025-11-19 13:55:29 -08:00
"async-trait",
exec-server (#6630)
2025-11-18 16:20:19 -08:00
"clap",
"codex-core",
feat: exec policy integration in shell mcp (#7609) adding execpolicy support into the `posix` mcp Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-12-04 21:55:54 -08:00
"codex-execpolicy",
fix: add integration tests for codex-exec-mcp-server with execpolicy (#7617) This PR introduces integration tests that run [codex-shell-tool-mcp](https://www.npmjs.com/package/@openai/codex-shell-tool-mcp) as a user would. Note that this requires running our fork of Bash, so we introduce a [DotSlash](https://dotslash-cli.com/) file for `bash` so that we can run the integration tests on multiple platforms without having to check the binaries into the repository. (As noted in the DotSlash file, it is slightly more heavyweight than necessary, which may be worth addressing as disk space in CI is limited: https://github.com/openai/codex/pull/7678.) To start, this PR adds two tests: - `list_tools()` makes the `list_tools` request to the MCP server and verifies we get the expected response - `accept_elicitation_for_prompt_rule()` defines a `prefix_rule()` with `decision="prompt"` and verifies the elicitation flow works as expected Though the `accept_elicitation_for_prompt_rule()` test **only works on Linux**, as this PR reveals that there are currently issues when running the Bash fork in a read-only sandbox on Linux. This will have to be fixed in a follow-up PR. Incidentally, getting this test run to correctly on macOS also requires a recent fix we made to `brew` that hasn't hit a mainline release yet, so getting CI green in this PR required https://github.com/openai/codex/pull/7680.
2025-12-06 22:39:38 -08:00
"exec_server_test_support",
exec-server (#6630)
2025-11-18 16:20:19 -08:00
"libc",
fix: add integration tests for codex-exec-mcp-server with execpolicy (#7617) This PR introduces integration tests that run [codex-shell-tool-mcp](https://www.npmjs.com/package/@openai/codex-shell-tool-mcp) as a user would. Note that this requires running our fork of Bash, so we introduce a [DotSlash](https://dotslash-cli.com/) file for `bash` so that we can run the integration tests on multiple platforms without having to check the binaries into the repository. (As noted in the DotSlash file, it is slightly more heavyweight than necessary, which may be worth addressing as disk space in CI is limited: https://github.com/openai/codex/pull/7678.) To start, this PR adds two tests: - `list_tools()` makes the `list_tools` request to the MCP server and verifies we get the expected response - `accept_elicitation_for_prompt_rule()` defines a `prefix_rule()` with `decision="prompt"` and verifies the elicitation flow works as expected Though the `accept_elicitation_for_prompt_rule()` test **only works on Linux**, as this PR reveals that there are currently issues when running the Bash fork in a read-only sandbox on Linux. This will have to be fixed in a follow-up PR. Incidentally, getting this test run to correctly on macOS also requires a recent fix we made to `brew` that hasn't hit a mainline release yet, so getting CI green in this PR required https://github.com/openai/codex/pull/7680.
2025-12-06 22:39:38 -08:00
"maplit",
exec-server (#6630)
2025-11-18 16:20:19 -08:00
"path-absolutize",
"pretty_assertions",
"rmcp",
"serde",
"serde_json",
fix: prepare ExecPolicy in exec-server for execpolicy2 cutover (#6888) This PR introduces an extra layer of abstraction to prepare us for the migration to execpolicy2: - introduces a new trait, `EscalationPolicy`, whose `determine_action()` method is responsible for producing the `EscalateAction` - the existing `ExecPolicy` typedef is changed to return an intermediate `ExecPolicyOutcome` instead of `EscalateAction` - the default implementation of `EscalationPolicy`, `McpEscalationPolicy`, composes `ExecPolicy` - the `ExecPolicyOutcome` includes `codex_execpolicy2::Decision`, which has a `Prompt` variant - when `McpEscalationPolicy` gets `Decision::Prompt` back from `ExecPolicy`, it prompts the user via an MCP elicitation and maps the result into an `ElicitationAction` - now that the end user can reply to an elicitation with `Decline` or `Cancel`, we introduce a new variant, `EscalateAction::Deny`, which the client handles by returning exit code `1` without running anything Note the way the elicitation is created is still not quite right, but I will fix that once we have things running end-to-end for real in a follow-up PR.
2025-11-19 13:55:29 -08:00
"shlex",
chore(deps): bump socket2 from 0.6.0 to 0.6.1 in /codex-rs (#8046) Bumps [socket2](https://github.com/rust-lang/socket2) from 0.6.0 to 0.6.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md">socket2's changelog</a>.</em></p> <blockquote> <h1>0.6.1</h1> <h2>Added</h2> <ul> <li>Added support for Windows Registered I/O (RIO) (<a href="https://redirect.github.com/rust-lang/socket2/pull/604">rust-lang/socket2#604</a>).</li> <li>Added support for <code>TCP_NOTSENT_LOWAT</code> on Linux via <code>Socket::(set_)tcp_notsent_lowat</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/611">rust-lang/socket2#611</a>).</li> <li>Added support for <code>SO_BUSY_POLL</code> on Linux via <code>Socket::set_busy_poll</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/607">rust-lang/socket2#607</a>).</li> <li><code>SockFilter::new</code> is now a const function (<a href="https://redirect.github.com/rust-lang/socket2/pull/609">rust-lang/socket2#609</a>).</li> </ul> <h2>Changed</h2> <ul> <li>Updated the windows-sys dependency to version 0.60 (<a href="https://redirect.github.com/rust-lang/socket2/pull/605">rust-lang/socket2#605</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/socket2/commit/d0ba3d39a6328115a49f470b11be25fd5eba686d"><code>d0ba3d3</code></a> Release v0.6.1</li> <li><a href="https://github.com/rust-lang/socket2/commit/3a8b7edda3d81b849b5f961481154510e718dde7"><code>3a8b7ed</code></a> Add example to create <code>SockAddr</code> from <code>libc::sockaddr_storage</code> (<a href="https://redirect.github.com/rust-lang/socket2/issues/615">#615</a>)</li> <li><a href="https://github.com/rust-lang/socket2/commit/b54e2e6dbf44baee462afb48285d6595e5800381"><code>b54e2e6</code></a> Disable armv7-sony-vita-newlibeabihf CI check</li> <li><a href="https://github.com/rust-lang/socket2/commit/2d4a2f7b3b791118074f5b5ac6f3f92a890ad7b0"><code>2d4a2f7</code></a> Update feature <code>doc_auto_cfg</code> to <code>doc_cfg</code></li> <li><a href="https://github.com/rust-lang/socket2/commit/11aa1029f2ffbc4915d788a85fa739da77599198"><code>11aa102</code></a> Add missing components when installing Rust in CI</li> <li><a href="https://github.com/rust-lang/socket2/commit/528ba2b0dacac88567c2af2e0bf6fd64fe6c4d5c"><code>528ba2b</code></a> Add TCP_NOTSENT_LOWAT socketopt support</li> <li><a href="https://github.com/rust-lang/socket2/commit/1fdd2938c1f3ed81f1a5e0c4ed655146252a3532"><code>1fdd293</code></a> Correct rename in CHANGELOG.md (<a href="https://redirect.github.com/rust-lang/socket2/issues/610">#610</a>)</li> <li><a href="https://github.com/rust-lang/socket2/commit/600ff0d2468bd817179c5eab17dd5a69dddb9250"><code>600ff0d</code></a> Add support for Windows Registered I/O</li> <li><a href="https://github.com/rust-lang/socket2/commit/f0836965a165f357ea3be6f5cc47544130d1bfde"><code>f083696</code></a> Allow <code>SockFilter::new</code> in const contexts</li> <li><a href="https://github.com/rust-lang/socket2/commit/15ade5100c865629518190f4234247c8b6e5b1fd"><code>15ade51</code></a> Refactor for cargo fmt</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/socket2/compare/v0.6.0...v0.6.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket2&package-manager=cargo&previous-version=0.6.0&new-version=0.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:15:58 -08:00
"socket2 0.6.1",
exec-server (#6630)
2025-11-18 16:20:19 -08:00
"tempfile",
"tokio",
feat: waiting for an elicitation should not count against a shell tool timeout (#6973) Previously, we were running into an issue where we would run the `shell` tool call with a timeout of 10s, but it fired an elicitation asking for user approval, the time the user took to respond to the elicitation was counted agains the 10s timeout, so the `shell` tool call would fail with a timeout error unless the user is very fast! This PR addresses this issue by introducing a "stopwatch" abstraction that is used to manage the timeout. The idea is: - `Stopwatch::new()` is called with the _real_ timeout of the `shell` tool call. - `process_exec_tool_call()` is called with the `Cancellation` variant of `ExecExpiration` because it should not manage its own timeout in this case - the `Stopwatch` expiration is wired up to the `cancel_rx` passed to `process_exec_tool_call()` - when an elicitation for the `shell` tool call is received, the `Stopwatch` pauses - because it is possible for multiple elicitations to arrive concurrently, it keeps track of the number of "active pauses" and does not resume until that counter goes down to zero I verified that I can test the MCP server using `@modelcontextprotocol/inspector` and specify `git status` as the `command` with a timeout of 500ms and that the elicitation pops up and I have all the time in the world to respond whereas previous to this PR, that would not have been possible. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/6973). * #7005 * __->__ #6973 * #6972
2025-11-20 16:45:38 -08:00
"tokio-util",
exec-server (#6630)
2025-11-18 16:20:19 -08:00
"tracing",
"tracing-subscriber",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "codex-execpolicy"
Update submodules version to come from the workspace (#850) Tie the version of submodules to the workspace version.
2025-05-07 10:08:06 -07:00
version = "0.0.0"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
dependencies = [
"anyhow",
"clap",
"multimap",
migrating execpolicy -> execpolicy-legacy and execpolicy2 -> execpolicy (#6956)
2025-11-19 19:14:10 -08:00
"pretty_assertions",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"serde",
"serde_json",
migrating execpolicy -> execpolicy-legacy and execpolicy2 -> execpolicy (#6956)
2025-11-19 19:14:10 -08:00
"shlex",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"starlark",
execpolicy helpers (#7032) this PR - adds a helper function to amend `.codexpolicy` files with new prefix rules - adds a utility to `Policy` allowing prefix rules to be added to existing `Policy` structs both additions will be helpful as we thread codexpolicy into the TUI workflow
2025-12-02 15:05:27 -05:00
"tempfile",
migrating execpolicy -> execpolicy-legacy and execpolicy2 -> execpolicy (#6956)
2025-11-19 19:14:10 -08:00
"thiserror 2.0.17",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
feat: execpolicy v2 (#6467) ## Summary - Introduces the `codex-execpolicy2` crate. - This PR covers only the prefix-rule subset of the planned execpolicy v2 language; a richer language will follow. ## Policy - Policy language centers on `prefix_rule(pattern=[...], decision?, match?, not_match?)`, where `pattern` is an ordered list of tokens; any element may be a list to denote alternatives. `decision` defaults to `allow`; valid values are `allow`, `prompt`, and `forbidden`. `match` / `not_match` hold example commands that are tokenized and validated at load time (think of these as unit tests). ## Policy shapes - Prefix rules use Starlark syntax: ```starlark prefix_rule( pattern = ["cmd", ["alt1", "alt2"]], # ordered tokens; list entries denote alternatives decision = "prompt", # allow | prompt | forbidden; defaults to allow match = [["cmd", "alt1"]], # examples that must match this rule (enforced at compile time) not_match = [["cmd", "oops"]], # examples that must not match this rule (enforced at compile time) ) ``` ## Response shapes - Match: ```json { "match": { "decision": "allow|prompt|forbidden", "matchedRules": [ { "prefixRuleMatch": { "matchedPrefix": ["<token>", "..."], "decision": "allow|prompt|forbidden" } } ] } } ``` - No match: ```json "noMatch" ``` - `matchedRules` lists every rule whose prefix matched the command; `matchedPrefix` is the exact prefix that matched. - The effective `decision` is the strictest severity across all matches (`forbidden` > `prompt` > `allow`). --------- Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-11-17 10:15:45 -08:00
[[package]]
migrating execpolicy -> execpolicy-legacy and execpolicy2 -> execpolicy (#6956)
2025-11-19 19:14:10 -08:00
name = "codex-execpolicy-legacy"
feat: execpolicy v2 (#6467) ## Summary - Introduces the `codex-execpolicy2` crate. - This PR covers only the prefix-rule subset of the planned execpolicy v2 language; a richer language will follow. ## Policy - Policy language centers on `prefix_rule(pattern=[...], decision?, match?, not_match?)`, where `pattern` is an ordered list of tokens; any element may be a list to denote alternatives. `decision` defaults to `allow`; valid values are `allow`, `prompt`, and `forbidden`. `match` / `not_match` hold example commands that are tokenized and validated at load time (think of these as unit tests). ## Policy shapes - Prefix rules use Starlark syntax: ```starlark prefix_rule( pattern = ["cmd", ["alt1", "alt2"]], # ordered tokens; list entries denote alternatives decision = "prompt", # allow | prompt | forbidden; defaults to allow match = [["cmd", "alt1"]], # examples that must match this rule (enforced at compile time) not_match = [["cmd", "oops"]], # examples that must not match this rule (enforced at compile time) ) ``` ## Response shapes - Match: ```json { "match": { "decision": "allow|prompt|forbidden", "matchedRules": [ { "prefixRuleMatch": { "matchedPrefix": ["<token>", "..."], "decision": "allow|prompt|forbidden" } } ] } } ``` - No match: ```json "noMatch" ``` - `matchedRules` lists every rule whose prefix matched the command; `matchedPrefix` is the exact prefix that matched. - The effective `decision` is the strictest severity across all matches (`forbidden` > `prompt` > `allow`). --------- Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-11-17 10:15:45 -08:00
version = "0.0.0"
dependencies = [
migrating execpolicy -> execpolicy-legacy and execpolicy2 -> execpolicy (#6956)
2025-11-19 19:14:10 -08:00
"allocative",
feat: execpolicy v2 (#6467) ## Summary - Introduces the `codex-execpolicy2` crate. - This PR covers only the prefix-rule subset of the planned execpolicy v2 language; a richer language will follow. ## Policy - Policy language centers on `prefix_rule(pattern=[...], decision?, match?, not_match?)`, where `pattern` is an ordered list of tokens; any element may be a list to denote alternatives. `decision` defaults to `allow`; valid values are `allow`, `prompt`, and `forbidden`. `match` / `not_match` hold example commands that are tokenized and validated at load time (think of these as unit tests). ## Policy shapes - Prefix rules use Starlark syntax: ```starlark prefix_rule( pattern = ["cmd", ["alt1", "alt2"]], # ordered tokens; list entries denote alternatives decision = "prompt", # allow | prompt | forbidden; defaults to allow match = [["cmd", "alt1"]], # examples that must match this rule (enforced at compile time) not_match = [["cmd", "oops"]], # examples that must not match this rule (enforced at compile time) ) ``` ## Response shapes - Match: ```json { "match": { "decision": "allow|prompt|forbidden", "matchedRules": [ { "prefixRuleMatch": { "matchedPrefix": ["<token>", "..."], "decision": "allow|prompt|forbidden" } } ] } } ``` - No match: ```json "noMatch" ``` - `matchedRules` lists every rule whose prefix matched the command; `matchedPrefix` is the exact prefix that matched. - The effective `decision` is the strictest severity across all matches (`forbidden` > `prompt` > `allow`). --------- Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-11-17 10:15:45 -08:00
"anyhow",
"clap",
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
"derive_more 2.0.1",
migrating execpolicy -> execpolicy-legacy and execpolicy2 -> execpolicy (#6956)
2025-11-19 19:14:10 -08:00
"env_logger",
"log",
feat: execpolicy v2 (#6467) ## Summary - Introduces the `codex-execpolicy2` crate. - This PR covers only the prefix-rule subset of the planned execpolicy v2 language; a richer language will follow. ## Policy - Policy language centers on `prefix_rule(pattern=[...], decision?, match?, not_match?)`, where `pattern` is an ordered list of tokens; any element may be a list to denote alternatives. `decision` defaults to `allow`; valid values are `allow`, `prompt`, and `forbidden`. `match` / `not_match` hold example commands that are tokenized and validated at load time (think of these as unit tests). ## Policy shapes - Prefix rules use Starlark syntax: ```starlark prefix_rule( pattern = ["cmd", ["alt1", "alt2"]], # ordered tokens; list entries denote alternatives decision = "prompt", # allow | prompt | forbidden; defaults to allow match = [["cmd", "alt1"]], # examples that must match this rule (enforced at compile time) not_match = [["cmd", "oops"]], # examples that must not match this rule (enforced at compile time) ) ``` ## Response shapes - Match: ```json { "match": { "decision": "allow|prompt|forbidden", "matchedRules": [ { "prefixRuleMatch": { "matchedPrefix": ["<token>", "..."], "decision": "allow|prompt|forbidden" } } ] } } ``` - No match: ```json "noMatch" ``` - `matchedRules` lists every rule whose prefix matched the command; `matchedPrefix` is the exact prefix that matched. - The effective `decision` is the strictest severity across all matches (`forbidden` > `prompt` > `allow`). --------- Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-11-17 10:15:45 -08:00
"multimap",
migrating execpolicy -> execpolicy-legacy and execpolicy2 -> execpolicy (#6956)
2025-11-19 19:14:10 -08:00
"path-absolutize",
"regex-lite",
feat: execpolicy v2 (#6467) ## Summary - Introduces the `codex-execpolicy2` crate. - This PR covers only the prefix-rule subset of the planned execpolicy v2 language; a richer language will follow. ## Policy - Policy language centers on `prefix_rule(pattern=[...], decision?, match?, not_match?)`, where `pattern` is an ordered list of tokens; any element may be a list to denote alternatives. `decision` defaults to `allow`; valid values are `allow`, `prompt`, and `forbidden`. `match` / `not_match` hold example commands that are tokenized and validated at load time (think of these as unit tests). ## Policy shapes - Prefix rules use Starlark syntax: ```starlark prefix_rule( pattern = ["cmd", ["alt1", "alt2"]], # ordered tokens; list entries denote alternatives decision = "prompt", # allow | prompt | forbidden; defaults to allow match = [["cmd", "alt1"]], # examples that must match this rule (enforced at compile time) not_match = [["cmd", "oops"]], # examples that must not match this rule (enforced at compile time) ) ``` ## Response shapes - Match: ```json { "match": { "decision": "allow|prompt|forbidden", "matchedRules": [ { "prefixRuleMatch": { "matchedPrefix": ["<token>", "..."], "decision": "allow|prompt|forbidden" } } ] } } ``` - No match: ```json "noMatch" ``` - `matchedRules` lists every rule whose prefix matched the command; `matchedPrefix` is the exact prefix that matched. - The effective `decision` is the strictest severity across all matches (`forbidden` > `prompt` > `allow`). --------- Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-11-17 10:15:45 -08:00
"serde",
"serde_json",
migrating execpolicy -> execpolicy-legacy and execpolicy2 -> execpolicy (#6956)
2025-11-19 19:14:10 -08:00
"serde_with",
feat: execpolicy v2 (#6467) ## Summary - Introduces the `codex-execpolicy2` crate. - This PR covers only the prefix-rule subset of the planned execpolicy v2 language; a richer language will follow. ## Policy - Policy language centers on `prefix_rule(pattern=[...], decision?, match?, not_match?)`, where `pattern` is an ordered list of tokens; any element may be a list to denote alternatives. `decision` defaults to `allow`; valid values are `allow`, `prompt`, and `forbidden`. `match` / `not_match` hold example commands that are tokenized and validated at load time (think of these as unit tests). ## Policy shapes - Prefix rules use Starlark syntax: ```starlark prefix_rule( pattern = ["cmd", ["alt1", "alt2"]], # ordered tokens; list entries denote alternatives decision = "prompt", # allow | prompt | forbidden; defaults to allow match = [["cmd", "alt1"]], # examples that must match this rule (enforced at compile time) not_match = [["cmd", "oops"]], # examples that must not match this rule (enforced at compile time) ) ``` ## Response shapes - Match: ```json { "match": { "decision": "allow|prompt|forbidden", "matchedRules": [ { "prefixRuleMatch": { "matchedPrefix": ["<token>", "..."], "decision": "allow|prompt|forbidden" } } ] } } ``` - No match: ```json "noMatch" ``` - `matchedRules` lists every rule whose prefix matched the command; `matchedPrefix` is the exact prefix that matched. - The effective `decision` is the strictest severity across all matches (`forbidden` > `prompt` > `allow`). --------- Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-11-17 10:15:45 -08:00
"starlark",
migrating execpolicy -> execpolicy-legacy and execpolicy2 -> execpolicy (#6956)
2025-11-19 19:14:10 -08:00
"tempfile",
feat: execpolicy v2 (#6467) ## Summary - Introduces the `codex-execpolicy2` crate. - This PR covers only the prefix-rule subset of the planned execpolicy v2 language; a richer language will follow. ## Policy - Policy language centers on `prefix_rule(pattern=[...], decision?, match?, not_match?)`, where `pattern` is an ordered list of tokens; any element may be a list to denote alternatives. `decision` defaults to `allow`; valid values are `allow`, `prompt`, and `forbidden`. `match` / `not_match` hold example commands that are tokenized and validated at load time (think of these as unit tests). ## Policy shapes - Prefix rules use Starlark syntax: ```starlark prefix_rule( pattern = ["cmd", ["alt1", "alt2"]], # ordered tokens; list entries denote alternatives decision = "prompt", # allow | prompt | forbidden; defaults to allow match = [["cmd", "alt1"]], # examples that must match this rule (enforced at compile time) not_match = [["cmd", "oops"]], # examples that must not match this rule (enforced at compile time) ) ``` ## Response shapes - Match: ```json { "match": { "decision": "allow|prompt|forbidden", "matchedRules": [ { "prefixRuleMatch": { "matchedPrefix": ["<token>", "..."], "decision": "allow|prompt|forbidden" } } ] } } ``` - No match: ```json "noMatch" ``` - `matchedRules` lists every rule whose prefix matched the command; `matchedPrefix` is the exact prefix that matched. - The effective `decision` is the strictest severity across all matches (`forbidden` > `prompt` > `allow`). --------- Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-11-17 10:15:45 -08:00
]
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
[[package]]
name = "codex-feedback"
version = "0.0.0"
dependencies = [
"anyhow",
"codex-protocol",
"pretty_assertions",
"sentry",
"tracing-subscriber",
]
feat: standalone file search CLI (#1386) Standalone fuzzy filename search library that should be helpful in addressing https://github.com/openai/codex/issues/1261.
2025-06-25 13:29:03 -07:00
[[package]]
name = "codex-file-search"
version = "0.0.0"
dependencies = [
"anyhow",
"clap",
"ignore",
"nucleo-matcher",
feat: introduce --compute-indices flag to codex-file-search (#1419) This is a small quality-of-life feature, the addition of `--compute-indices` to the CLI, which, if enabled, will compute and set the `indices` field for each `FileMatch` returned by `run()`. Note we only bother to compute `indices` once we have the top N results because there could be a lot of intermediate "top N" results during the search that are ultimately discarded. When set, the indices are included in the JSON output when `--json` is specified and the matching indices are displayed in bold when `--json` is not specified.
2025-06-28 14:39:29 -07:00
"serde",
feat: standalone file search CLI (#1386) Standalone fuzzy filename search library that should be helpful in addressing https://github.com/openai/codex/issues/1261.
2025-06-25 13:29:03 -07:00
"serde_json",
"tokio",
]
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
[[package]]
chore: merge git crates (#5909) Merge `git-apply` and `git-tooling` into `utils/`
2025-10-29 12:11:44 +00:00
name = "codex-git"
feat: git tooling for undo (#3914) ## Summary Introduces a “ghost commit” workflow that snapshots the tree without touching refs. 1. git commit-tree writes an unreferenced commit object from the current index, optionally pointing to the current HEAD as its parent. 2. We then stash that commit id and use git restore --source <ghost> to roll the worktree (and index) back to the recorded snapshot later on. ## Details - Ghost commits live only as loose objects—we never update branches or tags—so the repo history stays untouched while still giving us a full tree snapshot. - Force-included paths let us stage otherwise ignored files before capturing the tree. - Restoration rehydrates both tracked and force-included files while leaving untracked/ignored files alone.
2025-09-23 16:59:52 +01:00
version = "0.0.0"
dependencies = [
Use assert_matches (#4756) assert_matches is soon to be in std but is experimental for now.
2025-10-05 14:12:31 -07:00
"assert_matches",
chore: merge git crates (#5909) Merge `git-apply` and `git-tooling` into `utils/`
2025-10-29 12:11:44 +00:00
"once_cell",
feat: git tooling for undo (#3914) ## Summary Introduces a “ghost commit” workflow that snapshots the tree without touching refs. 1. git commit-tree writes an unreferenced commit object from the current index, optionally pointing to the current HEAD as its parent. 2. We then stash that commit id and use git restore --source <ghost> to roll the worktree (and index) back to the recorded snapshot later on. ## Details - Ghost commits live only as loose objects—we never update branches or tags—so the repo history stays untouched while still giving us a full tree snapshot. - Force-included paths let us stage otherwise ignored files before capturing the tree. - Restoration rehydrates both tracked and force-included files while leaving untracked/ignored files alone.
2025-09-23 16:59:52 +01:00
"pretty_assertions",
chore: merge git crates (#5909) Merge `git-apply` and `git-tooling` into `utils/`
2025-10-29 12:11:44 +00:00
"regex",
feat: TUI undo op (#5629)
2025-10-27 10:55:29 +00:00
"schemars 0.8.22",
"serde",
feat: git tooling for undo (#3914) ## Summary Introduces a “ghost commit” workflow that snapshots the tree without touching refs. 1. git commit-tree writes an unreferenced commit object from the current index, optionally pointing to the current HEAD as its parent. 2. We then stash that commit id and use git restore --source <ghost> to roll the worktree (and index) back to the recorded snapshot later on. ## Details - Ghost commits live only as loose objects—we never update branches or tags—so the repo history stays untouched while still giving us a full tree snapshot. - Force-included paths let us stage otherwise ignored files before capturing the tree. - Restoration rehydrates both tracked and force-included files while leaving untracked/ignored files alone.
2025-09-23 16:59:52 +01:00
"tempfile",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
feat: TUI undo op (#5629)
2025-10-27 10:55:29 +00:00
"ts-rs",
feat: git tooling for undo (#3914) ## Summary Introduces a “ghost commit” workflow that snapshots the tree without touching refs. 1. git commit-tree writes an unreferenced commit object from the current index, optionally pointing to the current HEAD as its parent. 2. We then stash that commit id and use git restore --source <ghost> to roll the worktree (and index) back to the recorded snapshot later on. ## Details - Ghost commits live only as loose objects—we never update branches or tags—so the repo history stays untouched while still giving us a full tree snapshot. - Force-included paths let us stage otherwise ignored files before capturing the tree. - Restoration rehydrates both tracked and force-included files while leaving untracked/ignored files alone.
2025-09-23 16:59:52 +01:00
"walkdir",
]
[Auth] Add keyring support for Codex CLI (#5591) Follow-up PR to #5569. Add Keyring Support for Auth Storage in Codex CLI as well as a hybrid mode (default to persisting in keychain but fall back to file when unavailable.) It also refactors out the keyringstore implementation from rmcp-client [here](https://github.com/openai/codex/blob/main/codex-rs/rmcp-client/src/oauth.rs) to a new keyring-store crate. There will be a follow-up that picks the right credential mode depending on the config, instead of hardcoding `AuthCredentialsStoreMode::File`.
2025-10-27 12:10:11 -07:00
[[package]]
name = "codex-keyring-store"
version = "0.0.0"
dependencies = [
"keyring",
"tracing",
]
fix: overhaul how we spawn commands under seccomp/landlock on Linux (#1086) Historically, we spawned the Seatbelt and Landlock sandboxes in substantially different ways: For **Seatbelt**, we would run `/usr/bin/sandbox-exec` with our policy specified as an arg followed by the original command: https://github.com/openai/codex/blob/d1de7bb383552e8fadd94be79d65d188e00fd562/codex-rs/core/src/exec.rs#L147-L219 For **Landlock/Seccomp**, we would do `tokio::runtime::Builder::new_current_thread()`, _invoke Landlock/Seccomp APIs to modify the permissions of that new thread_, and then spawn the command: https://github.com/openai/codex/blob/d1de7bb383552e8fadd94be79d65d188e00fd562/codex-rs/core/src/exec_linux.rs#L28-L49 While it is neat that Landlock/Seccomp supports applying a policy to only one thread without having to apply it to the entire process, it requires us to maintain two different codepaths and is a bit harder to reason about. The tipping point was https://github.com/openai/codex/pull/1061, in which we had to start building up the `env` in an unexpected way for the existing Landlock/Seccomp approach to continue to work. This PR overhauls things so that we do similar things for Mac and Linux. It turned out that we were already building our own "helper binary" comparable to Mac's `sandbox-exec` as part of the `cli` crate: https://github.com/openai/codex/blob/d1de7bb383552e8fadd94be79d65d188e00fd562/codex-rs/cli/Cargo.toml#L10-L12 We originally created this to build a small binary to include with the Node.js version of the Codex CLI to provide support for Linux sandboxing. Though the sticky bit is that, at this point, we still want to deploy the Rust version of Codex as a single, standalone binary rather than a CLI and a supporting sandboxing binary. To satisfy this goal, we use "the arg0 trick," in which we: * use `std::env::current_exe()` to get the path to the CLI that is currently running * use the CLI as the `program` for the `Command` * set `"codex-linux-sandbox"` as arg0 for the `Command` A CLI that supports sandboxing should check arg0 at the start of the program. If it is `"codex-linux-sandbox"`, it must invoke `codex_linux_sandbox::run_main()`, which runs the CLI as if it were `codex-linux-sandbox`. When acting as `codex-linux-sandbox`, we make the appropriate Landlock/Seccomp API calls and then use `execvp(3)` to spawn the original command, so do _replace_ the process rather than spawn a subprocess. Incidentally, we do this before starting the Tokio runtime, so the process should only have one thread when `execvp(3)` is called. Because the `core` crate that needs to spawn the Linux sandboxing is not a CLI in its own right, this means that every CLI that includes `core` and relies on this behavior has to (1) implement it and (2) provide the path to the sandboxing executable. While the path is almost always `std::env::current_exe()`, we needed to make this configurable for integration tests, so `Config` now has a `codex_linux_sandbox_exe: Option<PathBuf>` property to facilitate threading this through, introduced in https://github.com/openai/codex/pull/1089. This common pattern is now captured in `codex_linux_sandbox::run_with_sandbox()` and all of the `main.rs` functions that should use it have been updated as part of this PR. The `codex-linux-sandbox` crate added to the Cargo workspace as part of this PR now has the bulk of the Landlock/Seccomp logic, which makes `core` a bit simpler. Indeed, `core/src/exec_linux.rs` and `core/src/landlock.rs` were removed/ported as part of this PR. I also moved the unit tests for this code into an integration test, `linux-sandbox/tests/landlock.rs`, in which I use `env!("CARGO_BIN_EXE_codex-linux-sandbox")` as the value for `codex_linux_sandbox_exe` since `std::env::current_exe()` is not appropriate in that case.
2025-05-23 11:37:07 -07:00
[[package]]
name = "codex-linux-sandbox"
version = "0.0.0"
dependencies = [
"clap",
"codex-core",
fix: introduce AbsolutePathBuf as part of sandbox config (#7856) Changes the `writable_roots` field of the `WorkspaceWrite` variant of the `SandboxPolicy` enum from `Vec<PathBuf>` to `Vec<AbsolutePathBuf>`. This is helpful because now callers can be sure the value is an absolute path rather than a relative one. (Though when using an absolute path in a Seatbelt config policy, we still have to _canonicalize_ it first.) Because `writable_roots` can be read from a config file, it is important that we are able to resolve relative paths properly using the parent folder of the config file as the base path.
2025-12-12 15:25:22 -08:00
"codex-utils-absolute-path",
fix: overhaul how we spawn commands under seccomp/landlock on Linux (#1086) Historically, we spawned the Seatbelt and Landlock sandboxes in substantially different ways: For **Seatbelt**, we would run `/usr/bin/sandbox-exec` with our policy specified as an arg followed by the original command: https://github.com/openai/codex/blob/d1de7bb383552e8fadd94be79d65d188e00fd562/codex-rs/core/src/exec.rs#L147-L219 For **Landlock/Seccomp**, we would do `tokio::runtime::Builder::new_current_thread()`, _invoke Landlock/Seccomp APIs to modify the permissions of that new thread_, and then spawn the command: https://github.com/openai/codex/blob/d1de7bb383552e8fadd94be79d65d188e00fd562/codex-rs/core/src/exec_linux.rs#L28-L49 While it is neat that Landlock/Seccomp supports applying a policy to only one thread without having to apply it to the entire process, it requires us to maintain two different codepaths and is a bit harder to reason about. The tipping point was https://github.com/openai/codex/pull/1061, in which we had to start building up the `env` in an unexpected way for the existing Landlock/Seccomp approach to continue to work. This PR overhauls things so that we do similar things for Mac and Linux. It turned out that we were already building our own "helper binary" comparable to Mac's `sandbox-exec` as part of the `cli` crate: https://github.com/openai/codex/blob/d1de7bb383552e8fadd94be79d65d188e00fd562/codex-rs/cli/Cargo.toml#L10-L12 We originally created this to build a small binary to include with the Node.js version of the Codex CLI to provide support for Linux sandboxing. Though the sticky bit is that, at this point, we still want to deploy the Rust version of Codex as a single, standalone binary rather than a CLI and a supporting sandboxing binary. To satisfy this goal, we use "the arg0 trick," in which we: * use `std::env::current_exe()` to get the path to the CLI that is currently running * use the CLI as the `program` for the `Command` * set `"codex-linux-sandbox"` as arg0 for the `Command` A CLI that supports sandboxing should check arg0 at the start of the program. If it is `"codex-linux-sandbox"`, it must invoke `codex_linux_sandbox::run_main()`, which runs the CLI as if it were `codex-linux-sandbox`. When acting as `codex-linux-sandbox`, we make the appropriate Landlock/Seccomp API calls and then use `execvp(3)` to spawn the original command, so do _replace_ the process rather than spawn a subprocess. Incidentally, we do this before starting the Tokio runtime, so the process should only have one thread when `execvp(3)` is called. Because the `core` crate that needs to spawn the Linux sandboxing is not a CLI in its own right, this means that every CLI that includes `core` and relies on this behavior has to (1) implement it and (2) provide the path to the sandboxing executable. While the path is almost always `std::env::current_exe()`, we needed to make this configurable for integration tests, so `Config` now has a `codex_linux_sandbox_exe: Option<PathBuf>` property to facilitate threading this through, introduced in https://github.com/openai/codex/pull/1089. This common pattern is now captured in `codex_linux_sandbox::run_with_sandbox()` and all of the `main.rs` functions that should use it have been updated as part of this PR. The `codex-linux-sandbox` crate added to the Cargo workspace as part of this PR now has the bulk of the Landlock/Seccomp logic, which makes `core` a bit simpler. Indeed, `core/src/exec_linux.rs` and `core/src/landlock.rs` were removed/ported as part of this PR. I also moved the unit tests for this code into an integration test, `linux-sandbox/tests/landlock.rs`, in which I use `env!("CARGO_BIN_EXE_codex-linux-sandbox")` as the value for `codex_linux_sandbox_exe` since `std::env::current_exe()` is not appropriate in that case.
2025-05-23 11:37:07 -07:00
"landlock",
"libc",
"seccompiler",
"tempfile",
"tokio",
]
LM Studio OSS Support (#2312) ## Overview Adds LM Studio OSS support. Closes #1883 ### Changes This PR enhances the behavior of `--oss` flag to support LM Studio as a provider. Additionally, it introduces a new flag`--local-provider` which can take in `lmstudio` or `ollama` as values if the user wants to explicitly choose which one to use. If no provider is specified `codex --oss` will auto-select the provider based on whichever is running. #### Additional enhancements The default can be set using `oss-provider` in config like: ``` oss_provider = "lmstudio" ``` For non-interactive users, they will need to either provide the provider as an arg or have it in their `config.toml` ### Notes For best performance, [set the default context length](https://lmstudio.ai/docs/app/advanced/per-model) for gpt-oss to the maximum your machine can support --------- Co-authored-by: Matt Clayton <matt@lmstudio.ai> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-17 14:49:09 -05:00
[[package]]
name = "codex-lmstudio"
version = "0.0.0"
dependencies = [
"codex-core",
"reqwest",
"serde_json",
"tokio",
"tracing",
"which",
"wiremock",
]
feat: add support for login with ChatGPT (#1212) This does not implement the full Login with ChatGPT experience, but it should unblock people. **What works** * The `codex` multitool now has a `login` subcommand, so you can run `codex login`, which should write `CODEX_HOME/auth.json` if you complete the flow successfully. The TUI will now read the `OPENAI_API_KEY` from `auth.json`. * The TUI should refresh the token if it has expired and the necessary information is in `auth.json`. * There is a `LoginScreen` in the TUI that tells you to run `codex login` if both (1) your model provider expects to use `OPENAI_API_KEY` as its env var, and (2) `OPENAI_API_KEY` is not set. **What does not work** * The `LoginScreen` does not support the login flow from within the TUI. Instead, it tells you to quit, run `codex login`, and then run `codex` again. * `codex exec` does read from `auth.json` yet, nor does it direct the user to go through the login flow if `OPENAI_API_KEY` is not be found. * The `maybeRedeemCredits()` function from `get-api-key.tsx` has not been ported from TypeScript to `login_with_chatgpt.py` yet: https://github.com/openai/codex/blob/a67a67f3258fc21e147b6786a143fe3e15e6d5ba/codex-cli/src/utils/get-api-key.tsx#L84-L89 **Implementation** Currently, the OAuth flow requires running a local webserver on `127.0.0.1:1455`. It seemed wasteful to incur the additional binary cost of a webserver dependency in the Rust CLI just to support login, so instead we implement this logic in Python, as Python has a `http.server` module as part of its standard library. Specifically, we bundle the contents of a single Python file as a string in the Rust CLI and then use it to spawn a subprocess as `python3 -c {{SOURCE_FOR_PYTHON_SERVER}}`. As such, the most significant files in this PR are: ``` codex-rs/login/src/login_with_chatgpt.py codex-rs/login/src/lib.rs ``` Now that the CLI may load `OPENAI_API_KEY` from the environment _or_ `CODEX_HOME/auth.json`, we need a new abstraction for reading/writing this variable, so we introduce: ``` codex-rs/core/src/openai_api_key.rs ``` Note that `std::env::set_var()` is [rightfully] `unsafe` in Rust 2024, so we use a LazyLock<RwLock<Option<String>>> to store `OPENAI_API_KEY` so it is read in a thread-safe manner. Ultimately, it should be possible to go through the entire login flow from the TUI. This PR introduces a placeholder `LoginScreen` UI for that right now, though the new `codex login` subcommand introduced in this PR should be a viable workaround until the UI is ready. **Testing** Because the login flow is currently implemented in a standalone Python file, you can test it without building any Rust code as follows: ``` rm -rf /tmp/codex_home && mkdir /tmp/codex_home CODEX_HOME=/tmp/codex_home python3 codex-rs/login/src/login_with_chatgpt.py ``` For reference: * the original TypeScript implementation was introduced in https://github.com/openai/codex/pull/963 * support for redeeming credits was later added in https://github.com/openai/codex/pull/974
2025-06-04 08:44:17 -07:00
[[package]]
name = "codex-login"
version = "0.0.0"
dependencies = [
Use anyhow::Result in tests for error propagation (#4105)
2025-09-23 13:31:36 -07:00
"anyhow",
feat: Run cargo shear during CI (#3338) Run cargo shear as part of the CI to ensure no unused dependencies
2025-09-08 18:05:08 -07:00
"base64",
feat: add support for login with ChatGPT (#1212) This does not implement the full Login with ChatGPT experience, but it should unblock people. **What works** * The `codex` multitool now has a `login` subcommand, so you can run `codex login`, which should write `CODEX_HOME/auth.json` if you complete the flow successfully. The TUI will now read the `OPENAI_API_KEY` from `auth.json`. * The TUI should refresh the token if it has expired and the necessary information is in `auth.json`. * There is a `LoginScreen` in the TUI that tells you to run `codex login` if both (1) your model provider expects to use `OPENAI_API_KEY` as its env var, and (2) `OPENAI_API_KEY` is not set. **What does not work** * The `LoginScreen` does not support the login flow from within the TUI. Instead, it tells you to quit, run `codex login`, and then run `codex` again. * `codex exec` does read from `auth.json` yet, nor does it direct the user to go through the login flow if `OPENAI_API_KEY` is not be found. * The `maybeRedeemCredits()` function from `get-api-key.tsx` has not been ported from TypeScript to `login_with_chatgpt.py` yet: https://github.com/openai/codex/blob/a67a67f3258fc21e147b6786a143fe3e15e6d5ba/codex-cli/src/utils/get-api-key.tsx#L84-L89 **Implementation** Currently, the OAuth flow requires running a local webserver on `127.0.0.1:1455`. It seemed wasteful to incur the additional binary cost of a webserver dependency in the Rust CLI just to support login, so instead we implement this logic in Python, as Python has a `http.server` module as part of its standard library. Specifically, we bundle the contents of a single Python file as a string in the Rust CLI and then use it to spawn a subprocess as `python3 -c {{SOURCE_FOR_PYTHON_SERVER}}`. As such, the most significant files in this PR are: ``` codex-rs/login/src/login_with_chatgpt.py codex-rs/login/src/lib.rs ``` Now that the CLI may load `OPENAI_API_KEY` from the environment _or_ `CODEX_HOME/auth.json`, we need a new abstraction for reading/writing this variable, so we introduce: ``` codex-rs/core/src/openai_api_key.rs ``` Note that `std::env::set_var()` is [rightfully] `unsafe` in Rust 2024, so we use a LazyLock<RwLock<Option<String>>> to store `OPENAI_API_KEY` so it is read in a thread-safe manner. Ultimately, it should be possible to go through the entire login flow from the TUI. This PR introduces a placeholder `LoginScreen` UI for that right now, though the new `codex login` subcommand introduced in this PR should be a viable workaround until the UI is ready. **Testing** Because the login flow is currently implemented in a standalone Python file, you can test it without building any Rust code as follows: ``` rm -rf /tmp/codex_home && mkdir /tmp/codex_home CODEX_HOME=/tmp/codex_home python3 codex-rs/login/src/login_with_chatgpt.py ``` For reference: * the original TypeScript implementation was introduced in https://github.com/openai/codex/pull/963 * support for redeeming credits was later added in https://github.com/openai/codex/pull/974
2025-06-04 08:44:17 -07:00
"chrono",
fix: remove mcp-types from app server protocol (#4537) We continue the separation between `codex app-server` and `codex mcp-server`. In particular, we introduce a new crate, `codex-app-server-protocol`, and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it `codex-rs/app-server-protocol/src/protocol.rs`. Because `ConversationId` was defined in `mcp_protocol.rs`, we move it into its own file, `codex-rs/protocol/src/conversation_id.rs`, and because it is referenced in a ton of places, we have to touch a lot of files as part of this PR. We also decide to get away from proper JSON-RPC 2.0 semantics, so we also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which is basically the same `JSONRPCMessage` type defined in `mcp-types` except with all of the `"jsonrpc": "2.0"` removed. Getting rid of `"jsonrpc": "2.0"` makes our serialization logic considerably simpler, as we can lean heavier on serde to serialize directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
"codex-app-server-protocol",
Move CodexAuth and AuthManager to the core crate (#3074) Fix a long standing layering issue.
2025-09-02 18:36:19 -07:00
"codex-core",
Add non_sandbox_test helper (#3880) Makes tests shorter
2025-09-22 07:50:41 -07:00
"core_test_support",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"rand 0.9.2",
feat: add support for login with ChatGPT (#1212) This does not implement the full Login with ChatGPT experience, but it should unblock people. **What works** * The `codex` multitool now has a `login` subcommand, so you can run `codex login`, which should write `CODEX_HOME/auth.json` if you complete the flow successfully. The TUI will now read the `OPENAI_API_KEY` from `auth.json`. * The TUI should refresh the token if it has expired and the necessary information is in `auth.json`. * There is a `LoginScreen` in the TUI that tells you to run `codex login` if both (1) your model provider expects to use `OPENAI_API_KEY` as its env var, and (2) `OPENAI_API_KEY` is not set. **What does not work** * The `LoginScreen` does not support the login flow from within the TUI. Instead, it tells you to quit, run `codex login`, and then run `codex` again. * `codex exec` does read from `auth.json` yet, nor does it direct the user to go through the login flow if `OPENAI_API_KEY` is not be found. * The `maybeRedeemCredits()` function from `get-api-key.tsx` has not been ported from TypeScript to `login_with_chatgpt.py` yet: https://github.com/openai/codex/blob/a67a67f3258fc21e147b6786a143fe3e15e6d5ba/codex-cli/src/utils/get-api-key.tsx#L84-L89 **Implementation** Currently, the OAuth flow requires running a local webserver on `127.0.0.1:1455`. It seemed wasteful to incur the additional binary cost of a webserver dependency in the Rust CLI just to support login, so instead we implement this logic in Python, as Python has a `http.server` module as part of its standard library. Specifically, we bundle the contents of a single Python file as a string in the Rust CLI and then use it to spawn a subprocess as `python3 -c {{SOURCE_FOR_PYTHON_SERVER}}`. As such, the most significant files in this PR are: ``` codex-rs/login/src/login_with_chatgpt.py codex-rs/login/src/lib.rs ``` Now that the CLI may load `OPENAI_API_KEY` from the environment _or_ `CODEX_HOME/auth.json`, we need a new abstraction for reading/writing this variable, so we introduce: ``` codex-rs/core/src/openai_api_key.rs ``` Note that `std::env::set_var()` is [rightfully] `unsafe` in Rust 2024, so we use a LazyLock<RwLock<Option<String>>> to store `OPENAI_API_KEY` so it is read in a thread-safe manner. Ultimately, it should be possible to go through the entire login flow from the TUI. This PR introduces a placeholder `LoginScreen` UI for that right now, though the new `codex login` subcommand introduced in this PR should be a viable workaround until the UI is ready. **Testing** Because the login flow is currently implemented in a standalone Python file, you can test it without building any Rust code as follows: ``` rm -rf /tmp/codex_home && mkdir /tmp/codex_home CODEX_HOME=/tmp/codex_home python3 codex-rs/login/src/login_with_chatgpt.py ``` For reference: * the original TypeScript implementation was introduced in https://github.com/openai/codex/pull/963 * support for redeeming credits was later added in https://github.com/openai/codex/pull/974
2025-06-04 08:44:17 -07:00
"reqwest",
"serde",
"serde_json",
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
"sha2",
Add codex login --api-key (#1759) Allow setting the API key via `codex login --api-key`
2025-07-31 10:48:49 -07:00
"tempfile",
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
"tiny_http",
feat: add support for login with ChatGPT (#1212) This does not implement the full Login with ChatGPT experience, but it should unblock people. **What works** * The `codex` multitool now has a `login` subcommand, so you can run `codex login`, which should write `CODEX_HOME/auth.json` if you complete the flow successfully. The TUI will now read the `OPENAI_API_KEY` from `auth.json`. * The TUI should refresh the token if it has expired and the necessary information is in `auth.json`. * There is a `LoginScreen` in the TUI that tells you to run `codex login` if both (1) your model provider expects to use `OPENAI_API_KEY` as its env var, and (2) `OPENAI_API_KEY` is not set. **What does not work** * The `LoginScreen` does not support the login flow from within the TUI. Instead, it tells you to quit, run `codex login`, and then run `codex` again. * `codex exec` does read from `auth.json` yet, nor does it direct the user to go through the login flow if `OPENAI_API_KEY` is not be found. * The `maybeRedeemCredits()` function from `get-api-key.tsx` has not been ported from TypeScript to `login_with_chatgpt.py` yet: https://github.com/openai/codex/blob/a67a67f3258fc21e147b6786a143fe3e15e6d5ba/codex-cli/src/utils/get-api-key.tsx#L84-L89 **Implementation** Currently, the OAuth flow requires running a local webserver on `127.0.0.1:1455`. It seemed wasteful to incur the additional binary cost of a webserver dependency in the Rust CLI just to support login, so instead we implement this logic in Python, as Python has a `http.server` module as part of its standard library. Specifically, we bundle the contents of a single Python file as a string in the Rust CLI and then use it to spawn a subprocess as `python3 -c {{SOURCE_FOR_PYTHON_SERVER}}`. As such, the most significant files in this PR are: ``` codex-rs/login/src/login_with_chatgpt.py codex-rs/login/src/lib.rs ``` Now that the CLI may load `OPENAI_API_KEY` from the environment _or_ `CODEX_HOME/auth.json`, we need a new abstraction for reading/writing this variable, so we introduce: ``` codex-rs/core/src/openai_api_key.rs ``` Note that `std::env::set_var()` is [rightfully] `unsafe` in Rust 2024, so we use a LazyLock<RwLock<Option<String>>> to store `OPENAI_API_KEY` so it is read in a thread-safe manner. Ultimately, it should be possible to go through the entire login flow from the TUI. This PR introduces a placeholder `LoginScreen` UI for that right now, though the new `codex login` subcommand introduced in this PR should be a viable workaround until the UI is ready. **Testing** Because the login flow is currently implemented in a standalone Python file, you can test it without building any Rust code as follows: ``` rm -rf /tmp/codex_home && mkdir /tmp/codex_home CODEX_HOME=/tmp/codex_home python3 codex-rs/login/src/login_with_chatgpt.py ``` For reference: * the original TypeScript implementation was introduced in https://github.com/openai/codex/pull/963 * support for redeeming credits was later added in https://github.com/openai/codex/pull/974
2025-06-04 08:44:17 -07:00
"tokio",
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
"url",
"urlencoding",
"webbrowser",
Rakesh/support device auth (#3531) # External (non-OpenAI) Pull Request Requirements Before opening this Pull Request, please read the dedicated "Contributing" markdown file or your PR may be closed: https://github.com/openai/codex/blob/main/docs/contributing.md If your PR conforms to our contribution guidelines, replace this text with a detailed and high quality description of your changes. # test ``` codex-rs % export CODEX_DEVICE_AUTH_BASE_URL=http://localhost:3007 codex-rs % cargo run --bin codex login --experimental_use-device-code Compiling codex-login v0.0.0 (/Users/rakesh/code/codex/codex-rs/login) Compiling codex-mcp-server v0.0.0 (/Users/rakesh/code/codex/codex-rs/mcp-server) Compiling codex-tui v0.0.0 (/Users/rakesh/code/codex/codex-rs/tui) Compiling codex-cli v0.0.0 (/Users/rakesh/code/codex/codex-rs/cli) Finished `dev` profile [unoptimized + debuginfo] target(s) in 2.90s Running `target/debug/codex login --experimental_use-device-code` To authenticate, enter this code when prompted: 6Q27-KBVRF with interval 5 ^C ``` The error in the last line is since the poll endpoint is not yet implemented
2025-09-29 19:34:57 -07:00
"wiremock",
feat: add support for login with ChatGPT (#1212) This does not implement the full Login with ChatGPT experience, but it should unblock people. **What works** * The `codex` multitool now has a `login` subcommand, so you can run `codex login`, which should write `CODEX_HOME/auth.json` if you complete the flow successfully. The TUI will now read the `OPENAI_API_KEY` from `auth.json`. * The TUI should refresh the token if it has expired and the necessary information is in `auth.json`. * There is a `LoginScreen` in the TUI that tells you to run `codex login` if both (1) your model provider expects to use `OPENAI_API_KEY` as its env var, and (2) `OPENAI_API_KEY` is not set. **What does not work** * The `LoginScreen` does not support the login flow from within the TUI. Instead, it tells you to quit, run `codex login`, and then run `codex` again. * `codex exec` does read from `auth.json` yet, nor does it direct the user to go through the login flow if `OPENAI_API_KEY` is not be found. * The `maybeRedeemCredits()` function from `get-api-key.tsx` has not been ported from TypeScript to `login_with_chatgpt.py` yet: https://github.com/openai/codex/blob/a67a67f3258fc21e147b6786a143fe3e15e6d5ba/codex-cli/src/utils/get-api-key.tsx#L84-L89 **Implementation** Currently, the OAuth flow requires running a local webserver on `127.0.0.1:1455`. It seemed wasteful to incur the additional binary cost of a webserver dependency in the Rust CLI just to support login, so instead we implement this logic in Python, as Python has a `http.server` module as part of its standard library. Specifically, we bundle the contents of a single Python file as a string in the Rust CLI and then use it to spawn a subprocess as `python3 -c {{SOURCE_FOR_PYTHON_SERVER}}`. As such, the most significant files in this PR are: ``` codex-rs/login/src/login_with_chatgpt.py codex-rs/login/src/lib.rs ``` Now that the CLI may load `OPENAI_API_KEY` from the environment _or_ `CODEX_HOME/auth.json`, we need a new abstraction for reading/writing this variable, so we introduce: ``` codex-rs/core/src/openai_api_key.rs ``` Note that `std::env::set_var()` is [rightfully] `unsafe` in Rust 2024, so we use a LazyLock<RwLock<Option<String>>> to store `OPENAI_API_KEY` so it is read in a thread-safe manner. Ultimately, it should be possible to go through the entire login flow from the TUI. This PR introduces a placeholder `LoginScreen` UI for that right now, though the new `codex login` subcommand introduced in this PR should be a viable workaround until the UI is ready. **Testing** Because the login flow is currently implemented in a standalone Python file, you can test it without building any Rust code as follows: ``` rm -rf /tmp/codex_home && mkdir /tmp/codex_home CODEX_HOME=/tmp/codex_home python3 codex-rs/login/src/login_with_chatgpt.py ``` For reference: * the original TypeScript implementation was introduced in https://github.com/openai/codex/pull/963 * support for redeeming credits was later added in https://github.com/openai/codex/pull/974
2025-06-04 08:44:17 -07:00
]
feat: introduce mcp-server crate (#792) This introduces the `mcp-server` crate, which contains a barebones MCP server that provides an `echo` tool that echoes the user's request back to them. To test it out, I launched [modelcontextprotocol/inspector](https://github.com/modelcontextprotocol/inspector) like so: ``` mcp-server$ npx @modelcontextprotocol/inspector cargo run -- ``` and opened up `http://127.0.0.1:6274` in my browser: ![image](https://github.com/user-attachments/assets/83fc55d4-25c2-4497-80cd-e9702283ff93) I also had to make a small fix to `mcp-types`, adding `#[serde(untagged)]` to a number of `enum`s.
2025-05-02 17:25:58 -07:00
[[package]]
name = "codex-mcp-server"
Update submodules version to come from the workspace (#850) Tie the version of submodules to the workspace version.
2025-05-07 10:08:06 -07:00
version = "0.0.0"
feat: introduce mcp-server crate (#792) This introduces the `mcp-server` crate, which contains a barebones MCP server that provides an `echo` tool that echoes the user's request back to them. To test it out, I launched [modelcontextprotocol/inspector](https://github.com/modelcontextprotocol/inspector) like so: ``` mcp-server$ npx @modelcontextprotocol/inspector cargo run -- ``` and opened up `http://127.0.0.1:6274` in my browser: ![image](https://github.com/user-attachments/assets/83fc55d4-25c2-4497-80cd-e9702283ff93) I also had to make a small fix to `mcp-types`, adding `#[serde(untagged)]` to a number of `enum`s.
2025-05-02 17:25:58 -07:00
dependencies = [
fix: overhaul how we spawn commands under seccomp/landlock on Linux (#1086) Historically, we spawned the Seatbelt and Landlock sandboxes in substantially different ways: For **Seatbelt**, we would run `/usr/bin/sandbox-exec` with our policy specified as an arg followed by the original command: https://github.com/openai/codex/blob/d1de7bb383552e8fadd94be79d65d188e00fd562/codex-rs/core/src/exec.rs#L147-L219 For **Landlock/Seccomp**, we would do `tokio::runtime::Builder::new_current_thread()`, _invoke Landlock/Seccomp APIs to modify the permissions of that new thread_, and then spawn the command: https://github.com/openai/codex/blob/d1de7bb383552e8fadd94be79d65d188e00fd562/codex-rs/core/src/exec_linux.rs#L28-L49 While it is neat that Landlock/Seccomp supports applying a policy to only one thread without having to apply it to the entire process, it requires us to maintain two different codepaths and is a bit harder to reason about. The tipping point was https://github.com/openai/codex/pull/1061, in which we had to start building up the `env` in an unexpected way for the existing Landlock/Seccomp approach to continue to work. This PR overhauls things so that we do similar things for Mac and Linux. It turned out that we were already building our own "helper binary" comparable to Mac's `sandbox-exec` as part of the `cli` crate: https://github.com/openai/codex/blob/d1de7bb383552e8fadd94be79d65d188e00fd562/codex-rs/cli/Cargo.toml#L10-L12 We originally created this to build a small binary to include with the Node.js version of the Codex CLI to provide support for Linux sandboxing. Though the sticky bit is that, at this point, we still want to deploy the Rust version of Codex as a single, standalone binary rather than a CLI and a supporting sandboxing binary. To satisfy this goal, we use "the arg0 trick," in which we: * use `std::env::current_exe()` to get the path to the CLI that is currently running * use the CLI as the `program` for the `Command` * set `"codex-linux-sandbox"` as arg0 for the `Command` A CLI that supports sandboxing should check arg0 at the start of the program. If it is `"codex-linux-sandbox"`, it must invoke `codex_linux_sandbox::run_main()`, which runs the CLI as if it were `codex-linux-sandbox`. When acting as `codex-linux-sandbox`, we make the appropriate Landlock/Seccomp API calls and then use `execvp(3)` to spawn the original command, so do _replace_ the process rather than spawn a subprocess. Incidentally, we do this before starting the Tokio runtime, so the process should only have one thread when `execvp(3)` is called. Because the `core` crate that needs to spawn the Linux sandboxing is not a CLI in its own right, this means that every CLI that includes `core` and relies on this behavior has to (1) implement it and (2) provide the path to the sandboxing executable. While the path is almost always `std::env::current_exe()`, we needed to make this configurable for integration tests, so `Config` now has a `codex_linux_sandbox_exe: Option<PathBuf>` property to facilitate threading this through, introduced in https://github.com/openai/codex/pull/1089. This common pattern is now captured in `codex_linux_sandbox::run_with_sandbox()` and all of the `main.rs` functions that should use it have been updated as part of this PR. The `codex-linux-sandbox` crate added to the Cargo workspace as part of this PR now has the bulk of the Landlock/Seccomp logic, which makes `core` a bit simpler. Indeed, `core/src/exec_linux.rs` and `core/src/landlock.rs` were removed/ported as part of this PR. I also moved the unit tests for this code into an integration test, `linux-sandbox/tests/landlock.rs`, in which I use `env!("CARGO_BIN_EXE_codex-linux-sandbox")` as the value for `codex_linux_sandbox_exe` since `std::env::current_exe()` is not appropriate in that case.
2025-05-23 11:37:07 -07:00
"anyhow",
test: add integration test for MCP server (#1633) This PR introduces a single integration test for `cargo mcp`, though it also introduces a number of reusable components so that it should be easier to introduce more integration tests going forward. The new test is introduced in `codex-rs/mcp-server/tests/elicitation.rs` and the reusable pieces are in `codex-rs/mcp-server/tests/common`. The test itself verifies new functionality around elicitations introduced in https://github.com/openai/codex/pull/1623 (and the fix introduced in https://github.com/openai/codex/pull/1629) by doing the following: - starts a mock model provider with canned responses for `/v1/chat/completions` - starts the MCP server with a `config.toml` to use that model provider (and `approval_policy = "untrusted"`) - sends the `codex` tool call which causes the mock model provider to request a shell call for `git init` - the MCP server sends an elicitation to the client to approve the request - the client replies to the elicitation with `"approved"` - the MCP server runs the command and re-samples the model, getting a `"finish_reason": "stop"` - in turn, the MCP server sends the final response to the original `codex` tool call - verifies that `git init` ran as expected To test: ``` cargo test shell_command_approval_triggers_elicitation ``` In writing this test, I discovered that `ExecApprovalResponse` does not conform to `ElicitResult`, so I added a TODO to fix that, since I think that should be updated in a separate PR. As it stands, this PR does not update any business logic, though it does make a number of members of the `mcp-server` crate `pub` so they can be used in the test. One additional learning from this PR is that `std::process::Command::cargo_bin()` from the `assert_cmd` trait is only available for `std::process::Command`, but we really want to use `tokio::process::Command` so that everything is async and we can leverage utilities like `tokio::time::timeout()`. The trick I came up with was to use `cargo_bin()` to locate the program, and then to use `std::process::Command::get_program()` when constructing the `tokio::process::Command`.
2025-07-21 10:27:07 -07:00
"assert_cmd",
fix: move arg0 handling out of codex-linux-sandbox and into its own crate (#1697)
2025-07-28 08:31:24 -07:00
"codex-arg0",
Support changing reasoning effort (#2435) https://github.com/user-attachments/assets/50198ee8-5915-47a3-bb71-69af65add1ef Building up on #2431 #2428
2025-08-19 10:55:07 -07:00
"codex-common",
feat: introduce mcp-server crate (#792) This introduces the `mcp-server` crate, which contains a barebones MCP server that provides an `echo` tool that echoes the user's request back to them. To test it out, I launched [modelcontextprotocol/inspector](https://github.com/modelcontextprotocol/inspector) like so: ``` mcp-server$ npx @modelcontextprotocol/inspector cargo run -- ``` and opened up `http://127.0.0.1:6274` in my browser: ![image](https://github.com/user-attachments/assets/83fc55d4-25c2-4497-80cd-e9702283ff93) I also had to make a small fix to `mcp-types`, adding `#[serde(untagged)]` to a number of `enum`s.
2025-05-02 17:25:58 -07:00
"codex-core",
chore: move mcp-server/src/wire_format.rs to protocol/src/mcp_protocol.rs (#2423) The existing `wire_format.rs` should share more types with the `codex-protocol` crate (like `AskForApproval` instead of maintaining a parallel `CodexToolCallApprovalPolicy` enum), so this PR moves `wire_format.rs` into `codex-protocol`, renaming it as `mcp-protocol.rs`. We also de-dupe types, where appropriate. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2423). * #2424 * __->__ #2423
2025-08-18 09:36:57 -07:00
"codex-protocol",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
"codex-utils-json-to-toml",
Add non_sandbox_test helper (#3880) Makes tests shorter
2025-09-22 07:50:41 -07:00
"core_test_support",
feat: introduce mcp-server crate (#792) This introduces the `mcp-server` crate, which contains a barebones MCP server that provides an `echo` tool that echoes the user's request back to them. To test it out, I launched [modelcontextprotocol/inspector](https://github.com/modelcontextprotocol/inspector) like so: ``` mcp-server$ npx @modelcontextprotocol/inspector cargo run -- ``` and opened up `http://127.0.0.1:6274` in my browser: ![image](https://github.com/user-attachments/assets/83fc55d4-25c2-4497-80cd-e9702283ff93) I also had to make a small fix to `mcp-types`, adding `#[serde(untagged)]` to a number of `enum`s.
2025-05-02 17:25:58 -07:00
"mcp-types",
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
"mcp_test_support",
Set a user agent suffix when used as a mcp server (#3395) This automatically adds a user agent suffix whenever the CLI is used as a MCP server
2025-09-09 19:32:57 -07:00
"os_info",
feat: make Codex available as a tool when running it as an MCP server (#811) This PR replaces the placeholder `"echo"` tool call in the MCP server with a `"codex"` tool that calls Codex. Events such as `ExecApprovalRequest` and `ApplyPatchApprovalRequest` are not handled properly yet, but I have `approval_policy = "never"` set in my `~/.codex/config.toml` such that those codepaths are not exercised. The schema for this MPC tool is defined by a new `CodexToolCallParam` struct introduced in this PR. It is fairly similar to `ConfigOverrides`, as the param is used to help create the `Config` used to start the Codex session, though it also includes the `prompt` used to kick off the session. This PR also introduces the use of the third-party `schemars` crate to generate the JSON schema, which is verified in the `verify_codex_tool_json_schema()` unit test. Events that are dispatched during the Codex session are sent back to the MCP client as MCP notifications. This gives the client a way to monitor progress as the tool call itself may take minutes to complete depending on the complexity of the task requested by the user. In the video below, I launched the server via: ```shell mcp-server$ RUST_LOG=debug npx @modelcontextprotocol/inspector cargo run -- ``` In the video, you can see the flow of: * requesting the list of tools * choosing the **codex** tool * entering a value for **prompt** and then making the tool call Note that I left the other fields blank because when unspecified, the values in my `~/.codex/config.toml` were used: https://github.com/user-attachments/assets/1975058c-b004-43ef-8c8d-800a953b8192 Note that while using the inspector, I did run into https://github.com/modelcontextprotocol/inspector/issues/293, though the tip about ensuring I had only one instance of the **MCP Inspector** tab open in my browser seemed to fix things.
2025-05-05 07:16:19 -07:00
"pretty_assertions",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"schemars 0.8.22",
feat: introduce mcp-server crate (#792) This introduces the `mcp-server` crate, which contains a barebones MCP server that provides an `echo` tool that echoes the user's request back to them. To test it out, I launched [modelcontextprotocol/inspector](https://github.com/modelcontextprotocol/inspector) like so: ``` mcp-server$ npx @modelcontextprotocol/inspector cargo run -- ``` and opened up `http://127.0.0.1:6274` in my browser: ![image](https://github.com/user-attachments/assets/83fc55d4-25c2-4497-80cd-e9702283ff93) I also had to make a small fix to `mcp-types`, adding `#[serde(untagged)]` to a number of `enum`s.
2025-05-02 17:25:58 -07:00
"serde",
"serde_json",
feat: leverage elicitations in the MCP server (#1623) This updates the MCP server so that if it receives an `ExecApprovalRequest` from the `Codex` session, it in turn sends an [MCP elicitation](https://modelcontextprotocol.io/specification/draft/client/elicitation) to the client to ask for the approval decision. Upon getting a response, it forwards the client's decision via `Op::ExecApproval`. Admittedly, we should be doing the same thing for `ApplyPatchApprovalRequest`, but this is our first time experimenting with elicitations, so I'm inclined to defer wiring that code path up until we feel good about how this one works. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/1623). * __->__ #1623 * #1622 * #1621 * #1620
2025-07-19 01:32:03 -04:00
"shlex",
test: add integration test for MCP server (#1633) This PR introduces a single integration test for `cargo mcp`, though it also introduces a number of reusable components so that it should be easier to introduce more integration tests going forward. The new test is introduced in `codex-rs/mcp-server/tests/elicitation.rs` and the reusable pieces are in `codex-rs/mcp-server/tests/common`. The test itself verifies new functionality around elicitations introduced in https://github.com/openai/codex/pull/1623 (and the fix introduced in https://github.com/openai/codex/pull/1629) by doing the following: - starts a mock model provider with canned responses for `/v1/chat/completions` - starts the MCP server with a `config.toml` to use that model provider (and `approval_policy = "untrusted"`) - sends the `codex` tool call which causes the mock model provider to request a shell call for `git init` - the MCP server sends an elicitation to the client to approve the request - the client replies to the elicitation with `"approved"` - the MCP server runs the command and re-samples the model, getting a `"finish_reason": "stop"` - in turn, the MCP server sends the final response to the original `codex` tool call - verifies that `git init` ran as expected To test: ``` cargo test shell_command_approval_triggers_elicitation ``` In writing this test, I discovered that `ExecApprovalResponse` does not conform to `ElicitResult`, so I added a TODO to fix that, since I think that should be updated in a separate PR. As it stands, this PR does not update any business logic, though it does make a number of members of the `mcp-server` crate `pub` so they can be used in the test. One additional learning from this PR is that `std::process::Command::cargo_bin()` from the `assert_cmd` trait is only available for `std::process::Command`, but we really want to use `tokio::process::Command` so that everything is async and we can leverage utilities like `tokio::time::timeout()`. The trick I came up with was to use `cargo_bin()` to locate the program, and then to use `std::process::Command::get_program()` when constructing the `tokio::process::Command`.
2025-07-21 10:27:07 -07:00
"tempfile",
feat: introduce mcp-server crate (#792) This introduces the `mcp-server` crate, which contains a barebones MCP server that provides an `echo` tool that echoes the user's request back to them. To test it out, I launched [modelcontextprotocol/inspector](https://github.com/modelcontextprotocol/inspector) like so: ``` mcp-server$ npx @modelcontextprotocol/inspector cargo run -- ``` and opened up `http://127.0.0.1:6274` in my browser: ![image](https://github.com/user-attachments/assets/83fc55d4-25c2-4497-80cd-e9702283ff93) I also had to make a small fix to `mcp-types`, adding `#[serde(untagged)]` to a number of `enum`s.
2025-05-02 17:25:58 -07:00
"tokio",
"tracing",
"tracing-subscriber",
test: add integration test for MCP server (#1633) This PR introduces a single integration test for `cargo mcp`, though it also introduces a number of reusable components so that it should be easier to introduce more integration tests going forward. The new test is introduced in `codex-rs/mcp-server/tests/elicitation.rs` and the reusable pieces are in `codex-rs/mcp-server/tests/common`. The test itself verifies new functionality around elicitations introduced in https://github.com/openai/codex/pull/1623 (and the fix introduced in https://github.com/openai/codex/pull/1629) by doing the following: - starts a mock model provider with canned responses for `/v1/chat/completions` - starts the MCP server with a `config.toml` to use that model provider (and `approval_policy = "untrusted"`) - sends the `codex` tool call which causes the mock model provider to request a shell call for `git init` - the MCP server sends an elicitation to the client to approve the request - the client replies to the elicitation with `"approved"` - the MCP server runs the command and re-samples the model, getting a `"finish_reason": "stop"` - in turn, the MCP server sends the final response to the original `codex` tool call - verifies that `git init` ran as expected To test: ``` cargo test shell_command_approval_triggers_elicitation ``` In writing this test, I discovered that `ExecApprovalResponse` does not conform to `ElicitResult`, so I added a TODO to fix that, since I think that should be updated in a separate PR. As it stands, this PR does not update any business logic, though it does make a number of members of the `mcp-server` crate `pub` so they can be used in the test. One additional learning from this PR is that `std::process::Command::cargo_bin()` from the `assert_cmd` trait is only available for `std::process::Command`, but we really want to use `tokio::process::Command` so that everything is async and we can leverage utilities like `tokio::time::timeout()`. The trick I came up with was to use `cargo_bin()` to locate the program, and then to use `std::process::Command::get_program()` when constructing the `tokio::process::Command`.
2025-07-21 10:27:07 -07:00
"wiremock",
feat: introduce mcp-server crate (#792) This introduces the `mcp-server` crate, which contains a barebones MCP server that provides an `echo` tool that echoes the user's request back to them. To test it out, I launched [modelcontextprotocol/inspector](https://github.com/modelcontextprotocol/inspector) like so: ``` mcp-server$ npx @modelcontextprotocol/inspector cargo run -- ``` and opened up `http://127.0.0.1:6274` in my browser: ![image](https://github.com/user-attachments/assets/83fc55d4-25c2-4497-80cd-e9702283ff93) I also had to make a small fix to `mcp-types`, adding `#[serde(untagged)]` to a number of `enum`s.
2025-05-02 17:25:58 -07:00
]
Introduce `--oss` flag to use gpt-oss models (#1848) This adds support for easily running Codex backed by a local Ollama instance running our new open source models. See https://github.com/openai/gpt-oss for details. If you pass in `--oss` you'll be prompted to install/launch ollama, and it will automatically download the 20b model and attempt to use it. We'll likely want to expand this with some options later to make the experience smoother for users who can't run the 20b or want to run the 120b. Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-05 11:31:11 -07:00
[[package]]
name = "codex-ollama"
version = "0.0.0"
dependencies = [
Use assert_matches (#4756) assert_matches is soon to be in std but is experimental for now.
2025-10-05 14:12:31 -07:00
"assert_matches",
Introduce `--oss` flag to use gpt-oss models (#1848) This adds support for easily running Codex backed by a local Ollama instance running our new open source models. See https://github.com/openai/gpt-oss for details. If you pass in `--oss` you'll be prompted to install/launch ollama, and it will automatically download the 20b model and attempt to use it. We'll likely want to expand this with some options later to make the experience smoother for users who can't run the 20b or want to run the 120b. Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-05 11:31:11 -07:00
"async-stream",
"bytes",
"codex-core",
"futures",
"reqwest",
"serde_json",
"tokio",
"tracing",
"wiremock",
]
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
[[package]]
name = "codex-otel"
version = "0.0.0"
dependencies = [
"chrono",
[codex] add otel tracing (#7844)
2025-12-12 17:07:17 -08:00
"codex-api",
fix: remove mcp-types from app server protocol (#4537) We continue the separation between `codex app-server` and `codex mcp-server`. In particular, we introduce a new crate, `codex-app-server-protocol`, and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it `codex-rs/app-server-protocol/src/protocol.rs`. Because `ConversationId` was defined in `mcp_protocol.rs`, we move it into its own file, `codex-rs/protocol/src/conversation_id.rs`, and because it is referenced in a ton of places, we have to touch a lot of files as part of this PR. We also decide to get away from proper JSON-RPC 2.0 semantics, so we also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which is basically the same `JSONRPCMessage` type defined in `mcp-types` except with all of the `"jsonrpc": "2.0"` removed. Getting rid of `"jsonrpc": "2.0"` makes our serialization logic considerably simpler, as we can lean heavier on serde to serialize directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
"codex-app-server-protocol",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"codex-protocol",
fix: introduce AbsolutePathBuf and resolve relative paths in config.toml (#7796) This PR attempts to solve two problems by introducing a `AbsolutePathBuf` type with a special deserializer: - `AbsolutePathBuf` attempts to be a generally useful abstraction, as it ensures, by constructing, that it represents a value that is an absolute, normalized path, which is a stronger guarantee than an arbitrary `PathBuf`. - Values in `config.toml` that can be either an absolute or relative path should be resolved against the folder containing the `config.toml` in the relative path case. This PR makes this easy to support: the main cost is ensuring `AbsolutePathBufGuard` is used inside `deserialize_config_toml_with_base()`. While `AbsolutePathBufGuard` may seem slightly distasteful because it relies on thread-local storage, this seems much cleaner to me than using than my various experiments with https://docs.rs/serde/latest/serde/de/trait.DeserializeSeed.html. Further, since the `deserialize()` method from the `Deserialize` trait is not async, we do not really have to worry about the deserialization work being spread across multiple threads in a way that would interfere with `AbsolutePathBufGuard`. To start, this PR introduces the use of `AbsolutePathBuf` in `OtelTlsConfig`. Note how this simplifies `otel_provider.rs` because it no longer requires `settings.codex_home` to be threaded through. Furthermore, this sets us up better for a world where multiple `config.toml` files from different folders could be loaded and then merged together, as the absolutifying of the paths must be done against the correct parent folder.
2025-12-09 17:37:52 -08:00
"codex-utils-absolute-path",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"eventsource-stream",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"opentelemetry",
[codex] add otel tracing (#7844)
2025-12-12 17:07:17 -08:00
"opentelemetry-appender-tracing",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"opentelemetry-otlp",
"opentelemetry-semantic-conventions",
"opentelemetry_sdk",
"reqwest",
"serde",
"serde_json",
"strum_macros 0.27.2",
"tokio",
"tonic",
"tracing",
[codex] add otel tracing (#7844)
2025-12-12 17:07:17 -08:00
"tracing-opentelemetry",
"tracing-subscriber",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
]
chore: move pre_main_hardening() utility into its own crate (#4403)
2025-09-28 14:35:14 -07:00
[[package]]
name = "codex-process-hardening"
version = "0.0.0"
dependencies = [
"libc",
fix: pre-main hardening logic must tolerate non-UTF-8 env vars (#7749) We received a bug report that Codex CLI crashes when an env var contains a non-ASCII character, or more specifically, cannot be decoded as UTF-8: ```shell $ RUST_BACKTRACE=full RÖDBURK=1 codex thread '<unnamed>' panicked at library/std/src/env.rs:162:57: called `Result::unwrap()` on an `Err` value: "RÃ\xB6DBURK" stack backtrace: 0: 0x101905c18 - __mh_execute_header 1: 0x1012bd76c - __mh_execute_header 2: 0x1019050e4 - __mh_execute_header 3: 0x101905ad8 - __mh_execute_header 4: 0x101905874 - __mh_execute_header 5: 0x101904f38 - __mh_execute_header 6: 0x1019347bc - __mh_execute_header 7: 0x10193472c - __mh_execute_header 8: 0x101937884 - __mh_execute_header 9: 0x101b3bcd0 - __mh_execute_header 10: 0x101b3c0bc - __mh_execute_header 11: 0x101927a20 - __mh_execute_header 12: 0x1005c58d8 - __mh_execute_header thread '<unnamed>' panicked at library/core/src/panicking.rs:225:5: panic in a function that cannot unwind stack backtrace: 0: 0x101905c18 - __mh_execute_header 1: 0x1012bd76c - __mh_execute_header 2: 0x1019050e4 - __mh_execute_header 3: 0x101905ad8 - __mh_execute_header 4: 0x101905874 - __mh_execute_header 5: 0x101904f38 - __mh_execute_header 6: 0x101934794 - __mh_execute_header 7: 0x10193472c - __mh_execute_header 8: 0x101937884 - __mh_execute_header 9: 0x101b3c144 - __mh_execute_header 10: 0x101b3c1a0 - __mh_execute_header 11: 0x101b3c158 - __mh_execute_header 12: 0x1005c5ef8 - __mh_execute_header thread caused non-unwinding panic. aborting. ``` I discovered I could reproduce this on a release build, but not a dev build, so between that and the unhelpful stack trace, my mind went to the pre-`main()` logic we run in prod builds. Sure enough, we were operating on `std::env::vars()` instead of `std::env::vars_os()`, which is why the non-UTF-8 environment variable was causing an issue. This PR updates the logic to use `std::env::vars_os()` and adds a unit test. And to be extra sure, I also verified the fix works with a local release build: ``` $ cargo build --bin codex --release $ RÖDBURK=1 ./target/release/codex --version codex-cli 0.0.0 ```
2025-12-08 16:00:24 -08:00
"pretty_assertions",
chore: move pre_main_hardening() utility into its own crate (#4403)
2025-09-28 14:35:14 -07:00
]
fix: introduce codex-protocol crate (#2355)
2025-08-15 12:44:40 -07:00
[[package]]
name = "codex-protocol"
version = "0.0.0"
dependencies = [
Use anyhow::Result in tests for error propagation (#4105)
2025-09-23 13:31:36 -07:00
"anyhow",
chore: merge git crates (#5909) Merge `git-apply` and `git-tooling` into `utils/`
2025-10-29 12:11:44 +00:00
"codex-git",
fix: introduce AbsolutePathBuf as part of sandbox config (#7856) Changes the `writable_roots` field of the `WorkspaceWrite` variant of the `SandboxPolicy` enum from `Vec<PathBuf>` to `Vec<AbsolutePathBuf>`. This is helpful because now callers can be sure the value is an absolute path rather than a relative one. (Though when using an absolute path in a Seatbelt config policy, we still have to _canonicalize_ it first.) Because `writable_roots` can be read from a config file, it is important that we are able to resolve relative paths properly using the parent folder of the config file as the base path.
2025-12-12 15:25:22 -08:00
"codex-utils-absolute-path",
feat: image resizing (#5446) Add image resizing on the client side to reduce load on the API
2025-10-27 16:58:10 +00:00
"codex-utils-image",
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
"icu_decimal",
"icu_locale_core",
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
"icu_provider",
fix: introduce codex-protocol crate (#2355)
2025-08-15 12:44:40 -07:00
"mcp-types",
Move models.rs to protocol (#2595) Moving models.rs to protocol so we can use them in `Codex` operations
2025-08-22 15:18:54 -07:00
"mime_guess",
fix: add more fields to ThreadStartResponse and ThreadResumeResponse (#6847) This adds the following fields to `ThreadStartResponse` and `ThreadResumeResponse`: ```rust pub model: String, pub model_provider: String, pub cwd: PathBuf, pub approval_policy: AskForApproval, pub sandbox: SandboxPolicy, pub reasoning_effort: Option<ReasoningEffort>, ``` This is important because these fields are optional in `ThreadStartParams` and `ThreadResumeParams`, so the caller needs to be able to determine what values were ultimately used to start/resume the conversation. (Though note that any of these could be changed later between turns in the conversation.) Though to get this information reliably, it must be read from the internal `SessionConfiguredEvent` that is created in response to the start of a conversation. Because `SessionConfiguredEvent` (as defined in `codex-rs/protocol/src/protocol.rs`) did not have all of these fields, a number of them had to be added as part of this PR. Because `SessionConfiguredEvent` is referenced in many tests, test instances of `SessionConfiguredEvent` had to be updated, as well, which is why this PR touches so many files.
2025-11-18 21:18:43 -08:00
"pretty_assertions",
Generate JSON schema for app-server protocol (#5063) Add annotations and an export script that let us generate app-server protocol types as typescript and JSONSchema. The script itself is a bit hacky because we need to manually label some of the types. Unfortunately it seems that enum variants don't get good names by default and end up with something like `EventMsg1`, `EventMsg2`, etc. I'm not an expert in this by any means, but since this is only run manually and we already need to enumerate the types required to describe the protocol, it didn't seem that much worse. An ideal solution here would be to have some kind of root that we could generate schemas for in one go, but I'm not sure if that's compatible with how we generate the protocol today.
2025-10-20 11:45:11 -07:00
"schemars 0.8.22",
fix: introduce codex-protocol crate (#2355)
2025-08-15 12:44:40 -07:00
"serde",
"serde_json",
fix: use a more efficient wire format for ExecCommandOutputDeltaEvent.chunk (#3163) When serializing to JSON, the existing solution created an enormous array of ints, which is far more bytes on the wire than a base64-encoded string would be.
2025-09-04 08:21:58 -07:00
"serde_with",
fix: introduce codex-protocol crate (#2355)
2025-08-15 12:44:40 -07:00
"strum 0.27.2",
"strum_macros 0.27.2",
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
"sys-locale",
fix: include rollout_path in NewConversationResponse (#3352) Adding the `rollout_path` to the `NewConversationResponse` makes it so a client can perform subsequent operations on a `(ConversationId, PathBuf)` pair. #3353 will introduce support for `ArchiveConversation`. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/3352). * #3353 * __->__ #3352
2025-09-09 00:11:48 -07:00
"tempfile",
Move models.rs to protocol (#2595) Moving models.rs to protocol so we can use them in `Codex` operations
2025-08-22 15:18:54 -07:00
"tracing",
protocol-ts (#2425)
2025-08-18 13:08:53 -07:00
"ts-rs",
fix: introduce codex-protocol crate (#2355)
2025-08-15 12:44:40 -07:00
"uuid",
]
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
[[package]]
name = "codex-responses-api-proxy"
version = "0.0.0"
dependencies = [
"anyhow",
"clap",
chore: remove responses-api-proxy from the multitool (#4404) This removes the `codex responses-api-proxy` subcommand in favor of running it as a standalone CLI. As part of this change, we: - remove the dependency on `tokio`/`async/await` as well as `codex_arg0` - introduce the use of `pre_main_hardening()` so `CODEX_SECURE_MODE=1` is not required --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/4404). * #4406 * __->__ #4404 * #4403
2025-09-28 15:22:27 -07:00
"codex-process-hardening",
"ctor 0.5.0",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"libc",
"reqwest",
"serde",
"serde_json",
"tiny_http",
"zeroize",
]
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
[[package]]
name = "codex-rmcp-client"
version = "0.0.0"
dependencies = [
"anyhow",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"axum",
[Auth] Add keyring support for Codex CLI (#5591) Follow-up PR to #5569. Add Keyring Support for Auth Storage in Codex CLI as well as a hybrid mode (default to persisting in keychain but fall back to file when unavailable.) It also refactors out the keyringstore implementation from rmcp-client [here](https://github.com/openai/codex/blob/main/codex-rs/rmcp-client/src/oauth.rs) to a new keyring-store crate. There will be a follow-up that picks the right credential mode depending on the config, instead of hardcoding `AuthCredentialsStoreMode::File`.
2025-10-27 12:10:11 -07:00
"codex-keyring-store",
[MCP] Add auth status to MCP servers (#4918) This adds a queryable auth status for MCP servers which is useful: 1. To determine whether a streamable HTTP server supports auth or not based on whether or not it supports RFC 8414-3.2 2. Allow us to build a better user experience on top of MCP status
2025-10-08 14:37:57 -07:00
"codex-protocol",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"dirs",
[MCP] Add support for resources (#5239) This PR adds support for [MCP resources](https://modelcontextprotocol.io/specification/2025-06-18/server/resources) by adding three new tools for the model: 1. `list_resources` 2. `list_resource_templates` 3. `read_resource` These 3 tools correspond to the [three primary MCP resource protocol messages](https://modelcontextprotocol.io/specification/2025-06-18/server/resources#protocol-messages). Example of listing and reading a GitHub resource tempalte <img width="2984" height="804" alt="CleanShot 2025-10-15 at 17 31 10" src="https://github.com/user-attachments/assets/89b7f215-2e2a-41c5-90dd-b932ac84a585" /> `/mcp` with Figma configured <img width="2984" height="442" alt="CleanShot 2025-10-15 at 18 29 35" src="https://github.com/user-attachments/assets/a7578080-2ed2-4c59-b9b4-d8461f90d8ee" /> Fixes #4956
2025-10-16 22:05:15 -07:00
"escargot",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"futures",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"keyring",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"mcp-types",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"oauth2",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"pretty_assertions",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"reqwest",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"rmcp",
"serde",
"serde_json",
[MCP] Allow specifying cwd and additional env vars (#5246) This makes stdio mcp servers more flexible by allowing users to specify the cwd to run the server command from and adding additional environment variables to be passed through to the server. Example config using the test server in this repo: ```toml [mcp_servers.test_stdio] cwd = "/Users/<user>/code/codex/codex-rs" command = "cargo" args = ["run", "--bin", "test_stdio_server"] env_vars = ["MCP_TEST_VALUE"] ``` @bolinfest I know you hate these env var tests but let's roll with this for now. I may take a stab at the env guard + serial macro at some point.
2025-10-16 21:24:43 -07:00
"serial_test",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"sha2",
"tempfile",
"tiny_http",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"tokio",
"tracing",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"urlencoding",
"webbrowser",
fix: resolve Windows MCP server execution for script-based tools (#3828) ## What? Fixes MCP server initialization failures on Windows when using script-based tools like `npx`, `pnpm`, and `yarn` that rely on `.cmd`/`.bat` files rather than `.exe` binaries. Fixes #2945 ## Why? Windows users encounter "program not found" errors when configuring MCP servers with commands like `npx` in their `~/.codex/config.toml`. This happens because: - Tools like `npx` are batch scripts (`npx.cmd`) on Windows, not executable binaries - Rust's `std::process::Command` bypasses the shell and cannot execute these scripts directly - The Windows shell normally handles this by checking `PATHEXT` for executable extensions Without this fix, Windows users must specify full paths or add `.cmd` extensions manually, which breaks cross-platform compatibility. ## How? Added platform-specific program resolution using the `which` crate to find the correct executable path: - **Windows**: Resolves programs through PATH/PATHEXT to find `.cmd`/`.bat` scripts - **Unix**: Returns the program unchanged (no-op, as Unix handles scripts natively) ### Changes - Added `which = "6"` dependency to `mcp-client/Cargo.toml` - Implemented `program_resolver` module in `mcp_client.rs` with platform-specific resolution - Added comprehensive tests for both Windows and Unix behavior ### Testing Added platform-specific tests to verify: - Unix systems execute scripts without extensions - Windows fails without proper extensions - Windows succeeds with explicit extensions - Cross-platform resolution enables successful execution **Tested on:** - Windows 11 (NT 10.0.26100.0 x64) - PowerShell 5.1 & 7+, CMD, Git Bash - MCP servers: playwright, context7, supabase - WSL (verified no regression) **Local checks passed:** ```bash cargo test && cargo clippy --tests && cargo fmt -- --config imports_granularity=Item ``` ### Results **Before:** ``` 🖐 MCP client for `playwright` failed to start: program not found ``` **After:** ``` 🖐 MCP client for `playwright` failed to start: request timed out ``` Windows users can now use simple commands like `npx` in their config without specifying full paths or extensions. The timeout issue is a separate concern that will be addressed in a follow-up PR. --------- Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-17 06:41:10 +09:00
"which",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
]
feat: experimental `codex stdio-to-uds` subcommand (#5350)
2025-10-19 21:12:45 -07:00
[[package]]
name = "codex-stdio-to-uds"
version = "0.0.0"
dependencies = [
"anyhow",
"assert_cmd",
"pretty_assertions",
"tempfile",
"uds_windows",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "codex-tui"
Update submodules version to come from the workspace (#850) Tie the version of submodules to the workspace version.
2025-05-07 10:08:06 -07:00
version = "0.0.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"anyhow",
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
"arboard",
Use assert_matches (#4756) assert_matches is soon to be in std but is experimental for now.
2025-10-05 14:12:31 -07:00
"assert_matches",
feat: Run cargo shear during CI (#3338) Run cargo shear as part of the CI to ensure no unused dependencies
2025-09-08 18:05:08 -07:00
"base64",
check for updates (#1764) 1. Ping https://api.github.com/repos/openai/codex/releases/latest (at most once every 20 hrs) 2. Store the result in ~/.codex/version.jsonl 3. If CARGO_PKG_VERSION < latest_version, print a message at boot. --------- Co-authored-by: easong-openai <easong@openai.com>
2025-08-01 17:31:38 -07:00
"chrono",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"clap",
"codex-ansi-escape",
fix: remove mcp-types from app server protocol (#4537) We continue the separation between `codex app-server` and `codex mcp-server`. In particular, we introduce a new crate, `codex-app-server-protocol`, and migrate `codex-rs/protocol/src/mcp_protocol.rs` into it, renaming it `codex-rs/app-server-protocol/src/protocol.rs`. Because `ConversationId` was defined in `mcp_protocol.rs`, we move it into its own file, `codex-rs/protocol/src/conversation_id.rs`, and because it is referenced in a ton of places, we have to touch a lot of files as part of this PR. We also decide to get away from proper JSON-RPC 2.0 semantics, so we also introduce `codex-rs/app-server-protocol/src/jsonrpc_lite.rs`, which is basically the same `JSONRPCMessage` type defined in `mcp-types` except with all of the `"jsonrpc": "2.0"` removed. Getting rid of `"jsonrpc": "2.0"` makes our serialization logic considerably simpler, as we can lean heavier on serde to serialize directly into the wire format that we use now.
2025-09-30 19:16:26 -07:00
"codex-app-server-protocol",
fix: move arg0 handling out of codex-linux-sandbox and into its own crate (#1697)
2025-07-28 08:31:24 -07:00
"codex-arg0",
background rate limits fetch (#6789) fetching rate limits every minute asynchronously
2025-11-17 16:06:26 -08:00
"codex-backend-client",
chore: introduce codex-common crate (#843) I started this PR because I wanted to share the `format_duration()` utility function in `codex-rs/exec/src/event_processor.rs` with the TUI. The question was: where to put it? `core` should have as few dependencies as possible, so moving it there would introduce a dependency on `chrono`, which seemed undesirable. `core` already had this `cli` feature to deal with a similar situation around sharing common utility functions, so I decided to: * make `core` feature-free * introduce `common` * `common` can have as many "special interest" features as it needs, each of which can declare their own deps * the first two features of common are `cli` and `elapsed` In practice, this meant updating a number of `Cargo.toml` files, replacing this line: ```toml codex-core = { path = "../core", features = ["cli"] } ``` with these: ```toml codex-core = { path = "../core" } codex-common = { path = "../common", features = ["cli"] } ``` Moving `format_duration()` into its own file gave it some "breathing room" to add a unit test, so I had Codex generate some tests and new support for durations over 1 minute.
2025-05-06 17:38:56 -07:00
"codex-common",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"codex-core",
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
"codex-feedback",
feat: add support for @ to do file search (#1401) Introduces support for `@` to trigger a fuzzy-filename search in the composer. Under the hood, this leverages https://crates.io/crates/nucleo-matcher to do the fuzzy matching and https://crates.io/crates/ignore to build up the list of file candidates (so that it respects `.gitignore`). For simplicity (at least for now), we do not do any caching between searches like VS Code does for its file search: https://github.com/microsoft/vscode/blob/1d89ed699b2e924d418c856318a3e12bca67ff3a/src/vs/workbench/services/search/node/rawSearchService.ts#L212-L218 Because we do not do any caching, I saw queries take up to three seconds on large repositories with hundreds of thousands of files. To that end, we do not perform searches synchronously on each keystroke, but instead dispatch an event to do the search on a background thread that asynchronously reports back to the UI when the results are available. This is largely handled by the `FileSearchManager` introduced in this PR, which also has logic for debouncing requests so there is at most one search in flight at a time. While we could potentially polish and tune this feature further, it may already be overengineered for how it will be used, in practice, so we can improve things going forward if it turns out that this is not "good enough" in the wild. Note this feature does not work like `@` in the TypeScript CLI, which was more like directory-based tab completion. In the Rust CLI, `@` triggers a full-repo fuzzy-filename search. Fixes https://github.com/openai/codex/issues/1261.
2025-06-28 13:47:42 -07:00
"codex-file-search",
feat: add support for login with ChatGPT (#1212) This does not implement the full Login with ChatGPT experience, but it should unblock people. **What works** * The `codex` multitool now has a `login` subcommand, so you can run `codex login`, which should write `CODEX_HOME/auth.json` if you complete the flow successfully. The TUI will now read the `OPENAI_API_KEY` from `auth.json`. * The TUI should refresh the token if it has expired and the necessary information is in `auth.json`. * There is a `LoginScreen` in the TUI that tells you to run `codex login` if both (1) your model provider expects to use `OPENAI_API_KEY` as its env var, and (2) `OPENAI_API_KEY` is not set. **What does not work** * The `LoginScreen` does not support the login flow from within the TUI. Instead, it tells you to quit, run `codex login`, and then run `codex` again. * `codex exec` does read from `auth.json` yet, nor does it direct the user to go through the login flow if `OPENAI_API_KEY` is not be found. * The `maybeRedeemCredits()` function from `get-api-key.tsx` has not been ported from TypeScript to `login_with_chatgpt.py` yet: https://github.com/openai/codex/blob/a67a67f3258fc21e147b6786a143fe3e15e6d5ba/codex-cli/src/utils/get-api-key.tsx#L84-L89 **Implementation** Currently, the OAuth flow requires running a local webserver on `127.0.0.1:1455`. It seemed wasteful to incur the additional binary cost of a webserver dependency in the Rust CLI just to support login, so instead we implement this logic in Python, as Python has a `http.server` module as part of its standard library. Specifically, we bundle the contents of a single Python file as a string in the Rust CLI and then use it to spawn a subprocess as `python3 -c {{SOURCE_FOR_PYTHON_SERVER}}`. As such, the most significant files in this PR are: ``` codex-rs/login/src/login_with_chatgpt.py codex-rs/login/src/lib.rs ``` Now that the CLI may load `OPENAI_API_KEY` from the environment _or_ `CODEX_HOME/auth.json`, we need a new abstraction for reading/writing this variable, so we introduce: ``` codex-rs/core/src/openai_api_key.rs ``` Note that `std::env::set_var()` is [rightfully] `unsafe` in Rust 2024, so we use a LazyLock<RwLock<Option<String>>> to store `OPENAI_API_KEY` so it is read in a thread-safe manner. Ultimately, it should be possible to go through the entire login flow from the TUI. This PR introduces a placeholder `LoginScreen` UI for that right now, though the new `codex login` subcommand introduced in this PR should be a viable workaround until the UI is ready. **Testing** Because the login flow is currently implemented in a standalone Python file, you can test it without building any Rust code as follows: ``` rm -rf /tmp/codex_home && mkdir /tmp/codex_home CODEX_HOME=/tmp/codex_home python3 codex-rs/login/src/login_with_chatgpt.py ``` For reference: * the original TypeScript implementation was introduced in https://github.com/openai/codex/pull/963 * support for redeeming credits was later added in https://github.com/openai/codex/pull/974
2025-06-04 08:44:17 -07:00
"codex-login",
fix: introduce codex-protocol crate (#2355)
2025-08-15 12:44:40 -07:00
"codex-protocol",
fix: introduce AbsolutePathBuf as part of sandbox config (#7856) Changes the `writable_roots` field of the `WorkspaceWrite` variant of the `SandboxPolicy` enum from `Vec<PathBuf>` to `Vec<AbsolutePathBuf>`. This is helpful because now callers can be sure the value is an absolute path rather than a relative one. (Though when using an absolute path in a Seatbelt config policy, we still have to _canonicalize_ it first.) Because `writable_roots` can be read from a config file, it is important that we are able to resolve relative paths properly using the parent folder of the config file as the base path.
2025-12-12 15:25:22 -08:00
"codex-utils-absolute-path",
Windows Sandbox: Show Everyone-writable directory warning (#6283) Show a warning when Auto Sandbox mode becomes enabled, if we detect Everyone-writable directories, since they cannot be protected by the current implementation of the Sandbox. This PR also includes changes to how we detect Everyone-writable to be *much* faster
2025-11-06 10:44:42 -08:00
"codex-windows-sandbox",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"color-eyre",
"crossterm",
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
"derive_more 2.0.1",
Change the UI of apply patch (#1907) <img width="487" height="108" alt="image" src="https://github.com/user-attachments/assets/3f6ffd56-36f6-40bc-b999-64279705416a" /> --------- Co-authored-by: Gabriel Peal <gpeal@users.noreply.github.com>
2025-08-06 22:25:41 -07:00
"diffy",
feat: update splash (#3631) - Update splash styling. - Add center truncation for long paths. (Uses new `center_truncate_path` utility.) - Update the suggested commands. ## New splash <img width="560" height="326" alt="image" src="https://github.com/user-attachments/assets/b80d7075-f376-4019-a464-b96a78b0676d" /> ## Example with truncation: <img width="524" height="317" alt="image" src="https://github.com/user-attachments/assets/b023c5cc-0bf0-4d21-9b98-bfea85546eda" />
2025-09-15 06:44:40 -07:00
"dirs",
canonicalize display of Agents.md paths on Windows. (#4577) Canonicalize path on Windows to - remove unattractive path prefixes such as `\\?\` - simplify it (`../AGENTS.md` vs `C:\Users\iceweasel\code\coded\Agents.md`) before: <img width="1110" height="45" alt="Screenshot 2025-10-01 123520" src="https://github.com/user-attachments/assets/48920ae6-d89c-41b8-b4ea-df5c18fb5fad" /> after: <img width="585" height="46" alt="Screenshot 2025-10-01 123612" src="https://github.com/user-attachments/assets/70a1761a-9d97-4836-b14c-670b6f13e608" />
2025-10-01 14:33:19 -07:00
"dunce",
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
"image",
Add paste summarization to Codex TUI (#1549) ## Summary - introduce `Paste` event to avoid per-character paste handling - collapse large pasted blocks to `[Pasted Content X lines]` - store the real text so submission still includes it - wire paste handling through `App`, `ChatWidget`, `BottomPane`, and `ChatComposer` ## Testing - `cargo test -p codex-tui` ------ https://chatgpt.com/codex/tasks/task_i_6871e24abf80832184d1f3ca0c61a5ee https://github.com/user-attachments/assets/eda7412f-da30-4474-9f7c-96b49d48fbf8
2025-07-12 15:32:00 -07:00
"insta",
rework message styling (#2877) https://github.com/user-attachments/assets/cf07f62b-1895-44bb-b9c3-7a12032eb371
2025-09-02 10:29:58 -07:00
"itertools 0.14.0",
feat: add support for file_opener option in Rust, similiar to #911 (#957) This ports the enhancement introduced in https://github.com/openai/codex/pull/911 (and the fixes in https://github.com/openai/codex/pull/919) for the TypeScript CLI to the Rust one.
2025-05-16 11:33:08 -07:00
"lazy_static",
fix: update ctrl-z to suspend tui (#2113) - Lean on ctrl-c and esc to interrupt. - (Only on unix.) https://github.com/user-attachments/assets/7ce6c57f-6ee2-40c2-8cd2-b31265f16c1c
2025-08-11 22:03:58 -07:00
"libc",
feat: show MCP tool calls in TUI (#836) Adds logic for the `McpToolCallBegin` and `McpToolCallEnd` events in `codex-rs/tui/src/chatwidget.rs` so they get entries in the conversation history in the TUI. Building on top of https://github.com/openai/codex/pull/829, here is the result of running: ``` cargo run --bin codex -- 'what is the weather in san francisco tomorrow' ``` ![image](https://github.com/user-attachments/assets/db4a79bb-4988-46cb-acb2-446d5ba9e058)
2025-05-06 16:12:15 -07:00
"mcp-types",
rework message styling (#2877) https://github.com/user-attachments/assets/cf07f62b-1895-44bb-b9c3-7a12032eb371
2025-09-02 10:29:58 -07:00
"pathdiff",
feat: add support for file_opener option in Rust, similiar to #911 (#957) This ports the enhancement introduced in https://github.com/openai/codex/pull/911 (and the fixes in https://github.com/openai/codex/pull/919) for the TypeScript CLI to the Rust one.
2025-05-16 11:33:08 -07:00
"pretty_assertions",
replace tui_markdown with a custom markdown renderer (#3396) Also, simplify the streaming behavior. This fixes a number of display issues with streaming markdown, and paves the way for better markdown features (e.g. customizable styles, syntax highlighting, markdown-aware wrapping). Not currently supported: - footnotes - tables - reference-style links
2025-09-10 12:13:53 -07:00
"pulldown-cmark",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"rand 0.9.2",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"ratatui",
fix terminal corruption that could happen when onboarding and update banner (#5269) Instead of printing characters before booting the app, make the upgrade banner a history cell so it's well-behaved. <img width="771" height="586" alt="Screenshot 2025-10-16 at 4 20 51 PM" src="https://github.com/user-attachments/assets/90629d47-2c3d-4970-a826-283795ab34e5" /> --------- Co-authored-by: Josh McKinney <joshka@openai.com>
2025-10-20 14:40:14 -07:00
"ratatui-macros",
chore: replace regex with regex-lite, where appropriate (#1200) As explained on https://crates.io/crates/regex-lite, `regex-lite` is a lighter alternative to `regex` and seems to be sufficient for our purposes.
2025-06-02 17:11:45 -07:00
"regex-lite",
LM Studio OSS Support (#2312) ## Overview Adds LM Studio OSS support. Closes #1883 ### Changes This PR enhances the behavior of `--oss` flag to support LM Studio as a provider. Additionally, it introduces a new flag`--local-provider` which can take in `lmstudio` or `ollama` as values if the user wants to explicitly choose which one to use. If no provider is specified `codex --oss` will auto-select the provider based on whichever is running. #### Additional enhancements The default can be set using `oss-provider` in config like: ``` oss_provider = "lmstudio" ``` For non-interactive users, they will need to either provide the provider as an arg or have it in their `config.toml` ### Notes For best performance, [set the default context length](https://lmstudio.ai/docs/app/advanced/per-model) for gpt-oss to the maximum your machine can support --------- Co-authored-by: Matt Clayton <matt@lmstudio.ai> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-17 14:49:09 -05:00
"reqwest",
check for updates (#1764) 1. Ping https://api.github.com/repos/openai/codex/releases/latest (at most once every 20 hrs) 2. Store the result in ~/.codex/version.jsonl 3. If CARGO_PKG_VERSION < latest_version, print a message at boot. --------- Co-authored-by: easong-openai <easong@openai.com>
2025-08-01 17:31:38 -07:00
"serde",
feat: show MCP tool calls in TUI (#836) Adds logic for the `McpToolCallBegin` and `McpToolCallEnd` events in `codex-rs/tui/src/chatwidget.rs` so they get entries in the conversation history in the TUI. Building on top of https://github.com/openai/codex/pull/829, here is the result of running: ``` cargo run --bin codex -- 'what is the weather in san francisco tomorrow' ``` ![image](https://github.com/user-attachments/assets/db4a79bb-4988-46cb-acb2-446d5ba9e058)
2025-05-06 16:12:15 -07:00
"serde_json",
Do not skip trust prompt on Windows if sandbox is enabled. (#6167) If the experimental windows sandbox is enabled, the trust prompt should show on Windows.
2025-11-03 11:27:45 -08:00
"serial_test",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"shlex",
chore(deps): bump strum from 0.27.1 to 0.27.2 in /codex-rs (#1639) Bumps [strum](https://github.com/Peternator7/strum) from 0.27.1 to 0.27.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Peternator7/strum/releases">strum's releases</a>.</em></p> <blockquote> <h2>v0.27.2</h2> <h2>What's Changed</h2> <ul> <li>Adding support for doc comments on <code>EnumDiscriminants</code> generated type… by <a href="https://github.com/linclelinkpart5"><code>@​linclelinkpart5</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/141">Peternator7/strum#141</a></li> <li>Drop needless <code>rustversion</code> dependency by <a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li> <li>Upgrade <code>phf</code> to v0.12 by <a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/448">Peternator7/strum#448</a></li> <li>allow discriminants on empty enum by <a href="https://github.com/crop2000"><code>@​crop2000</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li> <li>Remove broken link to EnumTable docs by <a href="https://github.com/schneems"><code>@​schneems</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li> <li>Change enum table callbacks to FnMut. by <a href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li> <li>Add <code>#[automatically_derived]</code> to the <code>impl</code>s by <a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li> <li>Implement a <code>suffix</code> attribute for serialization of enum variants by <a href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li> <li>Expound upon use_phf docs by <a href="https://github.com/Peternator7"><code>@​Peternator7</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/449">Peternator7/strum#449</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li> <li><a href="https://github.com/crop2000"><code>@​crop2000</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li> <li><a href="https://github.com/schneems"><code>@​schneems</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li> <li><a href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li> <li><a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li> <li><a href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Peternator7/strum/blob/master/CHANGELOG.md">strum's changelog</a>.</em></p> <blockquote> <h2>0.27.2</h2> <ul> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/141">#141</a>: Adding support for doc comments on <code>EnumDiscriminants</code> generated type.</p> <ul> <li>The doc comment will be copied from the variant on the type itself.</li> </ul> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/435">#435</a>:allow discriminants on empty enum.</p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/443">#443</a>: Change enum table callbacks to FnMut.</p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/444">#444</a>: Add <code>#[automatically_derived]</code> to the <code>impl</code>s by <a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></p> <ul> <li>This should make the linter less noisy with warnings in generated code.</li> </ul> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/440">#440</a>: Implement a <code>suffix</code> attribute for serialization of enum variants.</p> <pre lang="rust"><code>#[derive(strum::Display)] #[strum(suffix=&quot;.json&quot;)] #[strum(serialize_all=&quot;snake_case&quot;)] enum StorageConfiguration { PostgresProvider, S3StorageProvider, AzureStorageProvider, } <p>fn main() { let response = SurveyResponse::Other(&quot;It was good&quot;.into()); println!(&quot;Loading configuration from: {}&quot;, StorageConfiguration::PostgresProvider); // prints: Loaded Configuration from: postgres_provider.json } </code></pre></p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/446">#446</a>: Drop needless <code>rustversion</code> dependency.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Peternator7/strum/commit/38f66210e7ca0bb156f3632dcf24a2548959c379"><code>38f6621</code></a> Expound upon use_phf docs (<a href="https://redirect.github.com/Peternator7/strum/issues/449">#449</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/bb1339026b44773e395913340f4e60972fa5e6a1"><code>bb13390</code></a> Implement a <code>suffix</code> attribute for serialization of enum variants (<a href="https://redirect.github.com/Peternator7/strum/issues/440">#440</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/c9e52bfd2865c8c766e0379f9e7bf57621a104e3"><code>c9e52bf</code></a> Add <code>#[automatically_derived]</code> to the <code>impl</code>s (<a href="https://redirect.github.com/Peternator7/strum/issues/444">#444</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/1b00f899e52f43fa35c4d406c901d33b1e9645e2"><code>1b00f89</code></a> Change enum table callbacks to FnMut. (<a href="https://redirect.github.com/Peternator7/strum/issues/443">#443</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/6e2ca25fba8ebdfa403ada6a2bf2f3b15403b2cf"><code>6e2ca25</code></a> Remove broken link to EnumTable docs (<a href="https://redirect.github.com/Peternator7/strum/issues/427">#427</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/95037811412792c9cd70586598aa88d7f514c0ac"><code>9503781</code></a> allow discriminants on empty enum (<a href="https://redirect.github.com/Peternator7/strum/issues/435">#435</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/8553ba2845989337d88a7170f7f0c419945bf156"><code>8553ba2</code></a> Upgrade <code>phf</code> to v0.12 (<a href="https://redirect.github.com/Peternator7/strum/issues/448">#448</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/2eba5c2a5c0b827317bafcb1f545af67b5ce9110"><code>2eba5c2</code></a> Drop needless <code>rustversion</code> dependency (<a href="https://redirect.github.com/Peternator7/strum/issues/446">#446</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/f301b67d9122b271e0531ab7f167c4585cefa484"><code>f301b67</code></a> Merge branch 'linclelinkpart5-master-2'</li> <li><a href="https://github.com/Peternator7/strum/commit/455b2bf859640dc27442b9d38f58ce8da7e3bd6e"><code>455b2bf</code></a> Merge branch 'master' of <a href="https://github.com/linclelinkpart5/strum">https://github.com/linclelinkpart5/strum</a> into lincle...</li> <li>See full diff in <a href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=strum&package-manager=cargo&previous-version=0.27.1&new-version=0.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-23 16:07:33 -07:00
"strum 0.27.2",
chore(deps): bump strum_macros from 0.27.1 to 0.27.2 in /codex-rs (#1638) Bumps [strum_macros](https://github.com/Peternator7/strum) from 0.27.1 to 0.27.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Peternator7/strum/releases">strum_macros's releases</a>.</em></p> <blockquote> <h2>v0.27.2</h2> <h2>What's Changed</h2> <ul> <li>Adding support for doc comments on <code>EnumDiscriminants</code> generated type… by <a href="https://github.com/linclelinkpart5"><code>@​linclelinkpart5</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/141">Peternator7/strum#141</a></li> <li>Drop needless <code>rustversion</code> dependency by <a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li> <li>Upgrade <code>phf</code> to v0.12 by <a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/448">Peternator7/strum#448</a></li> <li>allow discriminants on empty enum by <a href="https://github.com/crop2000"><code>@​crop2000</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li> <li>Remove broken link to EnumTable docs by <a href="https://github.com/schneems"><code>@​schneems</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li> <li>Change enum table callbacks to FnMut. by <a href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li> <li>Add <code>#[automatically_derived]</code> to the <code>impl</code>s by <a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li> <li>Implement a <code>suffix</code> attribute for serialization of enum variants by <a href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li> <li>Expound upon use_phf docs by <a href="https://github.com/Peternator7"><code>@​Peternator7</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/449">Peternator7/strum#449</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li> <li><a href="https://github.com/crop2000"><code>@​crop2000</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li> <li><a href="https://github.com/schneems"><code>@​schneems</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li> <li><a href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li> <li><a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li> <li><a href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Peternator7/strum/blob/master/CHANGELOG.md">strum_macros's changelog</a>.</em></p> <blockquote> <h2>0.27.2</h2> <ul> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/141">#141</a>: Adding support for doc comments on <code>EnumDiscriminants</code> generated type.</p> <ul> <li>The doc comment will be copied from the variant on the type itself.</li> </ul> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/435">#435</a>:allow discriminants on empty enum.</p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/443">#443</a>: Change enum table callbacks to FnMut.</p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/444">#444</a>: Add <code>#[automatically_derived]</code> to the <code>impl</code>s by <a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></p> <ul> <li>This should make the linter less noisy with warnings in generated code.</li> </ul> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/440">#440</a>: Implement a <code>suffix</code> attribute for serialization of enum variants.</p> <pre lang="rust"><code>#[derive(strum::Display)] #[strum(suffix=&quot;.json&quot;)] #[strum(serialize_all=&quot;snake_case&quot;)] enum StorageConfiguration { PostgresProvider, S3StorageProvider, AzureStorageProvider, } <p>fn main() { let response = SurveyResponse::Other(&quot;It was good&quot;.into()); println!(&quot;Loading configuration from: {}&quot;, StorageConfiguration::PostgresProvider); // prints: Loaded Configuration from: postgres_provider.json } </code></pre></p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/446">#446</a>: Drop needless <code>rustversion</code> dependency.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Peternator7/strum/commit/38f66210e7ca0bb156f3632dcf24a2548959c379"><code>38f6621</code></a> Expound upon use_phf docs (<a href="https://redirect.github.com/Peternator7/strum/issues/449">#449</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/bb1339026b44773e395913340f4e60972fa5e6a1"><code>bb13390</code></a> Implement a <code>suffix</code> attribute for serialization of enum variants (<a href="https://redirect.github.com/Peternator7/strum/issues/440">#440</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/c9e52bfd2865c8c766e0379f9e7bf57621a104e3"><code>c9e52bf</code></a> Add <code>#[automatically_derived]</code> to the <code>impl</code>s (<a href="https://redirect.github.com/Peternator7/strum/issues/444">#444</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/1b00f899e52f43fa35c4d406c901d33b1e9645e2"><code>1b00f89</code></a> Change enum table callbacks to FnMut. (<a href="https://redirect.github.com/Peternator7/strum/issues/443">#443</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/6e2ca25fba8ebdfa403ada6a2bf2f3b15403b2cf"><code>6e2ca25</code></a> Remove broken link to EnumTable docs (<a href="https://redirect.github.com/Peternator7/strum/issues/427">#427</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/95037811412792c9cd70586598aa88d7f514c0ac"><code>9503781</code></a> allow discriminants on empty enum (<a href="https://redirect.github.com/Peternator7/strum/issues/435">#435</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/8553ba2845989337d88a7170f7f0c419945bf156"><code>8553ba2</code></a> Upgrade <code>phf</code> to v0.12 (<a href="https://redirect.github.com/Peternator7/strum/issues/448">#448</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/2eba5c2a5c0b827317bafcb1f545af67b5ce9110"><code>2eba5c2</code></a> Drop needless <code>rustversion</code> dependency (<a href="https://redirect.github.com/Peternator7/strum/issues/446">#446</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/f301b67d9122b271e0531ab7f167c4585cefa484"><code>f301b67</code></a> Merge branch 'linclelinkpart5-master-2'</li> <li><a href="https://github.com/Peternator7/strum/commit/455b2bf859640dc27442b9d38f58ce8da7e3bd6e"><code>455b2bf</code></a> Merge branch 'master' of <a href="https://github.com/linclelinkpart5/strum">https://github.com/linclelinkpart5/strum</a> into lincle...</li> <li>See full diff in <a href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=strum_macros&package-manager=cargo&previous-version=0.27.1&new-version=0.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-23 16:34:16 -07:00
"strum_macros 0.27.2",
cloud: status, diff, apply (#7614) Adds cli commands for getting the status of cloud tasks, and for getting/applying the diffs from same.
2025-12-05 13:39:23 -08:00
"supports-color 3.0.2",
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
"tempfile",
custom textarea (#1794) This replaces tui-textarea with a custom textarea component. Key differences: 1. wrapped lines 2. better unicode handling 3. uses the native terminal cursor This should perhaps be spun out into its own separate crate at some point, but for now it's convenient to have it in-tree.
2025-08-03 11:31:35 -07:00
"textwrap 0.16.2",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tokio",
tui: switch to using tokio + EventStream for processing crossterm events (#2489) bringing the tui more into tokio-land to make it easier to factorize. fyi @bolinfest
2025-08-20 10:11:09 -07:00
"tokio-stream",
refactor: tui.rs extract several pieces (#7461) Pull FrameRequester out of tui.rs into its own module and make a FrameScheduler struct. This is effectively an Actor/Handler approach (see https://ryhl.io/blog/actors-with-tokio/). Adds tests and docs. Small refactor of pending_viewport_area logic.
2025-12-02 15:19:27 -08:00
"tokio-util",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"toml 0.9.5",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tracing",
"tracing-appender",
"tracing-subscriber",
feat(tui): switch to tree-sitter-highlight bash highlighting (#4666) use tree-sitter-highlight instead of custom logic over the tree-sitter tree to highlight bash.
2025-10-07 16:20:12 -07:00
"tree-sitter-bash",
"tree-sitter-highlight",
codex-rs: make tool calls prettier (#1211) This PR overhauls how active tool calls and completed tool calls are displayed: 1. More use of colour to indicate success/failure and distinguish between components like tool name+arguments 2. Previously, the entire `CallToolResult` was serialized to JSON and pretty-printed. Now, we extract each individual `CallToolResultContent` and print those 1. The previous solution was wasting space by unnecessarily showing details of the `CallToolResult` struct to users, without formatting the actual tool call results nicely 2. We're now able to show users more information from tool results in less space, with nicer formatting when tools return JSON results ### Before: <img width="1251" alt="Screenshot 2025-06-03 at 11 24 26" src="https://github.com/user-attachments/assets/5a58f222-219c-4c53-ace7-d887194e30cf" /> ### After: <img width="1265" alt="image" src="https://github.com/user-attachments/assets/99fe54d0-9ebe-406a-855b-7aa529b91274" /> ## Future Work 1. Integrate image tool result handling better. We should be able to display images even if they're not the first `CallToolResultContent` 2. Users should have some way to view the full version of truncated tool results 3. It would be nice to add some left padding for tool results, make it more clear that they are results. This is doable, just a little fiddly due to the way `first_visible_line` scrolling works 4. There's almost certainly a better way to format JSON than "all on 1 line with spaces to make Ratatui wrapping work". But I think that works OK for now.
2025-06-03 14:29:26 -07:00
"unicode-segmentation",
chore(deps): bump unicode-width from 0.1.14 to 0.2.1 in /codex-rs (#2156) Bumps [unicode-width](https://github.com/unicode-rs/unicode-width) from 0.1.14 to 0.2.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/unicode-rs/unicode-width/commit/0085e91db72ae9a4498e62030d9651f1c1d09b4f"><code>0085e91</code></a> Publish 0.2.1</li> <li><a href="https://github.com/unicode-rs/unicode-width/commit/6db0c14cbde54b1343335be38c7fdcb6451efb25"><code>6db0c14</code></a> Remove <code>compiler-builtins</code> from <code>rustc-dep-of-std</code> dependencies (<a href="https://redirect.github.com/unicode-rs/unicode-width/issues/77">#77</a>)</li> <li><a href="https://github.com/unicode-rs/unicode-width/commit/0bccd3f1b55b15e7796a5f591a9f24ef28889b1b"><code>0bccd3f</code></a> update copyright year (<a href="https://redirect.github.com/unicode-rs/unicode-width/issues/76">#76</a>)</li> <li><a href="https://github.com/unicode-rs/unicode-width/commit/7a7fcdc8134a67e0b8deaac7deb4f12559550eaf"><code>7a7fcdc</code></a> Support Unicode 16 (<a href="https://redirect.github.com/unicode-rs/unicode-width/issues/74">#74</a>)</li> <li><a href="https://github.com/unicode-rs/unicode-width/commit/82d7136b494ded1fe83a269e673fd85dfc4a92a6"><code>82d7136</code></a> Advertise and enforce MSRV (<a href="https://redirect.github.com/unicode-rs/unicode-width/issues/73">#73</a>)</li> <li><a href="https://github.com/unicode-rs/unicode-width/commit/e77b2929bc863841147786ef573b297581f94fe4"><code>e77b292</code></a> Make characters with <code>Line_Break=Ambiguous</code> ambiguous (<a href="https://redirect.github.com/unicode-rs/unicode-width/issues/61">#61</a>)</li> <li><a href="https://github.com/unicode-rs/unicode-width/commit/5a7fced663028d86d603cffbddcabedfdf7c7199"><code>5a7fced</code></a> Update version number in Readme (<a href="https://redirect.github.com/unicode-rs/unicode-width/issues/70">#70</a>)</li> <li><a href="https://github.com/unicode-rs/unicode-width/commit/79eab0d9fc2060783b43046f9611648dcd35172f"><code>79eab0d</code></a> Publish 0.2.0 with newlines treated as width 1 (<a href="https://redirect.github.com/unicode-rs/unicode-width/issues/68">#68</a>)</li> <li>See full diff in <a href="https://github.com/unicode-rs/unicode-width/compare/v0.1.14...v0.2.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=unicode-width&package-manager=cargo&previous-version=0.1.14&new-version=0.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-24 16:33:46 +00:00
"unicode-width 0.2.1",
Copying / Dragging image files (MacOS Terminal + iTerm) (#2567) In this PR: - [x] Add support for dragging / copying image files into chat. - [x] Don't remove image placeholders when submitting. - [x] Add tests. Works for: - Image Files - Dragging MacOS Screenshots (Terminal, iTerm) Todos: - [ ] In some terminals (VSCode, WIndows Powershell, and remote SSH-ing), copy-pasting a file streams the escaped filepath as individual key events rather than a single Paste event. We'll need to have a function (in a separate PR) for detecting these paste events.
2025-08-25 16:39:42 -07:00
"url",
add slash resume (#7302) `codex resume` isn't that discoverable. Adding it to the slash commands can help
2025-12-03 11:25:44 -08:00
"uuid",
Stream model responses (#1810) Stream models thoughts and responses instead of waiting for the whole thing to come through. Very rough right now, but I'm making the risk call to push through.
2025-08-04 21:23:22 -07:00
"vt100",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
feat(tui2): add feature-flagged tui2 frontend (#7793) Introduce a new codex-tui2 crate that re-exports the existing interactive TUI surface and delegates run_main directly to codex-tui. This keeps behavior identical while giving tui2 its own crate for future viewport work. Wire the codex CLI to select the frontend via the tui2 feature flag. When the merged CLI overrides include features.tui2=true (e.g. via --enable tui2), interactive runs are routed through codex_tui2::run_main; otherwise they continue to use the original codex_tui::run_main. Register Feature::Tui2 in the core feature registry and add the tui2 crate and dependency entries so the new frontend builds alongside the existing TUI. This is a stub that only wires up the feature flag for this. <img width="619" height="364" alt="image" src="https://github.com/user-attachments/assets/4893f030-932f-471e-a443-63fe6b5d8ed9" />
2025-12-09 16:23:53 -08:00
[[package]]
name = "codex-tui2"
version = "0.0.0"
dependencies = [
"anyhow",
feat(tui2): copy tui crate and normalize snapshots (#7833) Introduce a full codex-tui source snapshot under the new codex-tui2 crate so viewport work can be replayed in isolation. This change copies the entire codex-rs/tui/src tree into codex-rs/tui2/src in one atomic step, rather than piecemeal, to keep future diffs vs the original viewport bookmark easy to reason about. The goal is for codex-tui2 to render identically to the existing TUI behind the `features.tui2` flag while we gradually port the viewport/history commits from the joshka/viewport bookmark onto this forked tree. While on this baseline change, we also ran the codex-tui2 snapshot test suite and accepted all insta snapshots for the new crate, so the snapshot files now use the codex-tui2 naming scheme and encode the unmodified legacy TUI behavior. This keeps later viewport commits focused on intentional behavior changes (and their snapshots) rather than on mechanical snapshot renames.
2025-12-10 14:53:46 -08:00
"arboard",
"assert_matches",
"async-stream",
"base64",
"chrono",
feat(tui2): add feature-flagged tui2 frontend (#7793) Introduce a new codex-tui2 crate that re-exports the existing interactive TUI surface and delegates run_main directly to codex-tui. This keeps behavior identical while giving tui2 its own crate for future viewport work. Wire the codex CLI to select the frontend via the tui2 feature flag. When the merged CLI overrides include features.tui2=true (e.g. via --enable tui2), interactive runs are routed through codex_tui2::run_main; otherwise they continue to use the original codex_tui::run_main. Register Feature::Tui2 in the core feature registry and add the tui2 crate and dependency entries so the new frontend builds alongside the existing TUI. This is a stub that only wires up the feature flag for this. <img width="619" height="364" alt="image" src="https://github.com/user-attachments/assets/4893f030-932f-471e-a443-63fe6b5d8ed9" />
2025-12-09 16:23:53 -08:00
"clap",
feat(tui2): copy tui crate and normalize snapshots (#7833) Introduce a full codex-tui source snapshot under the new codex-tui2 crate so viewport work can be replayed in isolation. This change copies the entire codex-rs/tui/src tree into codex-rs/tui2/src in one atomic step, rather than piecemeal, to keep future diffs vs the original viewport bookmark easy to reason about. The goal is for codex-tui2 to render identically to the existing TUI behind the `features.tui2` flag while we gradually port the viewport/history commits from the joshka/viewport bookmark onto this forked tree. While on this baseline change, we also ran the codex-tui2 snapshot test suite and accepted all insta snapshots for the new crate, so the snapshot files now use the codex-tui2 naming scheme and encode the unmodified legacy TUI behavior. This keeps later viewport commits focused on intentional behavior changes (and their snapshots) rather than on mechanical snapshot renames.
2025-12-10 14:53:46 -08:00
"codex-ansi-escape",
"codex-app-server-protocol",
feat(tui2): add feature-flagged tui2 frontend (#7793) Introduce a new codex-tui2 crate that re-exports the existing interactive TUI surface and delegates run_main directly to codex-tui. This keeps behavior identical while giving tui2 its own crate for future viewport work. Wire the codex CLI to select the frontend via the tui2 feature flag. When the merged CLI overrides include features.tui2=true (e.g. via --enable tui2), interactive runs are routed through codex_tui2::run_main; otherwise they continue to use the original codex_tui::run_main. Register Feature::Tui2 in the core feature registry and add the tui2 crate and dependency entries so the new frontend builds alongside the existing TUI. This is a stub that only wires up the feature flag for this. <img width="619" height="364" alt="image" src="https://github.com/user-attachments/assets/4893f030-932f-471e-a443-63fe6b5d8ed9" />
2025-12-09 16:23:53 -08:00
"codex-arg0",
feat(tui2): copy tui crate and normalize snapshots (#7833) Introduce a full codex-tui source snapshot under the new codex-tui2 crate so viewport work can be replayed in isolation. This change copies the entire codex-rs/tui/src tree into codex-rs/tui2/src in one atomic step, rather than piecemeal, to keep future diffs vs the original viewport bookmark easy to reason about. The goal is for codex-tui2 to render identically to the existing TUI behind the `features.tui2` flag while we gradually port the viewport/history commits from the joshka/viewport bookmark onto this forked tree. While on this baseline change, we also ran the codex-tui2 snapshot test suite and accepted all insta snapshots for the new crate, so the snapshot files now use the codex-tui2 naming scheme and encode the unmodified legacy TUI behavior. This keeps later viewport commits focused on intentional behavior changes (and their snapshots) rather than on mechanical snapshot renames.
2025-12-10 14:53:46 -08:00
"codex-backend-client",
feat(tui2): add feature-flagged tui2 frontend (#7793) Introduce a new codex-tui2 crate that re-exports the existing interactive TUI surface and delegates run_main directly to codex-tui. This keeps behavior identical while giving tui2 its own crate for future viewport work. Wire the codex CLI to select the frontend via the tui2 feature flag. When the merged CLI overrides include features.tui2=true (e.g. via --enable tui2), interactive runs are routed through codex_tui2::run_main; otherwise they continue to use the original codex_tui::run_main. Register Feature::Tui2 in the core feature registry and add the tui2 crate and dependency entries so the new frontend builds alongside the existing TUI. This is a stub that only wires up the feature flag for this. <img width="619" height="364" alt="image" src="https://github.com/user-attachments/assets/4893f030-932f-471e-a443-63fe6b5d8ed9" />
2025-12-09 16:23:53 -08:00
"codex-common",
"codex-core",
feat(tui2): copy tui crate and normalize snapshots (#7833) Introduce a full codex-tui source snapshot under the new codex-tui2 crate so viewport work can be replayed in isolation. This change copies the entire codex-rs/tui/src tree into codex-rs/tui2/src in one atomic step, rather than piecemeal, to keep future diffs vs the original viewport bookmark easy to reason about. The goal is for codex-tui2 to render identically to the existing TUI behind the `features.tui2` flag while we gradually port the viewport/history commits from the joshka/viewport bookmark onto this forked tree. While on this baseline change, we also ran the codex-tui2 snapshot test suite and accepted all insta snapshots for the new crate, so the snapshot files now use the codex-tui2 naming scheme and encode the unmodified legacy TUI behavior. This keeps later viewport commits focused on intentional behavior changes (and their snapshots) rather than on mechanical snapshot renames.
2025-12-10 14:53:46 -08:00
"codex-feedback",
"codex-file-search",
"codex-login",
"codex-protocol",
feat(tui2): add feature-flagged tui2 frontend (#7793) Introduce a new codex-tui2 crate that re-exports the existing interactive TUI surface and delegates run_main directly to codex-tui. This keeps behavior identical while giving tui2 its own crate for future viewport work. Wire the codex CLI to select the frontend via the tui2 feature flag. When the merged CLI overrides include features.tui2=true (e.g. via --enable tui2), interactive runs are routed through codex_tui2::run_main; otherwise they continue to use the original codex_tui::run_main. Register Feature::Tui2 in the core feature registry and add the tui2 crate and dependency entries so the new frontend builds alongside the existing TUI. This is a stub that only wires up the feature flag for this. <img width="619" height="364" alt="image" src="https://github.com/user-attachments/assets/4893f030-932f-471e-a443-63fe6b5d8ed9" />
2025-12-09 16:23:53 -08:00
"codex-tui",
fix: introduce AbsolutePathBuf as part of sandbox config (#7856) Changes the `writable_roots` field of the `WorkspaceWrite` variant of the `SandboxPolicy` enum from `Vec<PathBuf>` to `Vec<AbsolutePathBuf>`. This is helpful because now callers can be sure the value is an absolute path rather than a relative one. (Though when using an absolute path in a Seatbelt config policy, we still have to _canonicalize_ it first.) Because `writable_roots` can be read from a config file, it is important that we are able to resolve relative paths properly using the parent folder of the config file as the base path.
2025-12-12 15:25:22 -08:00
"codex-utils-absolute-path",
feat(tui2): copy tui crate and normalize snapshots (#7833) Introduce a full codex-tui source snapshot under the new codex-tui2 crate so viewport work can be replayed in isolation. This change copies the entire codex-rs/tui/src tree into codex-rs/tui2/src in one atomic step, rather than piecemeal, to keep future diffs vs the original viewport bookmark easy to reason about. The goal is for codex-tui2 to render identically to the existing TUI behind the `features.tui2` flag while we gradually port the viewport/history commits from the joshka/viewport bookmark onto this forked tree. While on this baseline change, we also ran the codex-tui2 snapshot test suite and accepted all insta snapshots for the new crate, so the snapshot files now use the codex-tui2 naming scheme and encode the unmodified legacy TUI behavior. This keeps later viewport commits focused on intentional behavior changes (and their snapshots) rather than on mechanical snapshot renames.
2025-12-10 14:53:46 -08:00
"codex-windows-sandbox",
"color-eyre",
"crossterm",
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
"derive_more 2.0.1",
feat(tui2): copy tui crate and normalize snapshots (#7833) Introduce a full codex-tui source snapshot under the new codex-tui2 crate so viewport work can be replayed in isolation. This change copies the entire codex-rs/tui/src tree into codex-rs/tui2/src in one atomic step, rather than piecemeal, to keep future diffs vs the original viewport bookmark easy to reason about. The goal is for codex-tui2 to render identically to the existing TUI behind the `features.tui2` flag while we gradually port the viewport/history commits from the joshka/viewport bookmark onto this forked tree. While on this baseline change, we also ran the codex-tui2 snapshot test suite and accepted all insta snapshots for the new crate, so the snapshot files now use the codex-tui2 naming scheme and encode the unmodified legacy TUI behavior. This keeps later viewport commits focused on intentional behavior changes (and their snapshots) rather than on mechanical snapshot renames.
2025-12-10 14:53:46 -08:00
"diffy",
"dirs",
"dunce",
"image",
"insta",
"itertools 0.14.0",
"lazy_static",
"libc",
"mcp-types",
"pathdiff",
"pretty_assertions",
"pulldown-cmark",
"rand 0.9.2",
"ratatui",
"ratatui-macros",
"regex-lite",
"reqwest",
"serde",
"serde_json",
"serial_test",
"shlex",
"strum 0.27.2",
"strum_macros 0.27.2",
"supports-color 3.0.2",
"tempfile",
"textwrap 0.16.2",
"tokio",
"tokio-stream",
"tokio-util",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"toml 0.9.5",
feat(tui2): copy tui crate and normalize snapshots (#7833) Introduce a full codex-tui source snapshot under the new codex-tui2 crate so viewport work can be replayed in isolation. This change copies the entire codex-rs/tui/src tree into codex-rs/tui2/src in one atomic step, rather than piecemeal, to keep future diffs vs the original viewport bookmark easy to reason about. The goal is for codex-tui2 to render identically to the existing TUI behind the `features.tui2` flag while we gradually port the viewport/history commits from the joshka/viewport bookmark onto this forked tree. While on this baseline change, we also ran the codex-tui2 snapshot test suite and accepted all insta snapshots for the new crate, so the snapshot files now use the codex-tui2 naming scheme and encode the unmodified legacy TUI behavior. This keeps later viewport commits focused on intentional behavior changes (and their snapshots) rather than on mechanical snapshot renames.
2025-12-10 14:53:46 -08:00
"tracing",
"tracing-appender",
"tracing-subscriber",
"tree-sitter-bash",
"tree-sitter-highlight",
"unicode-segmentation",
"unicode-width 0.2.1",
"url",
"uuid",
"vt100",
feat(tui2): add feature-flagged tui2 frontend (#7793) Introduce a new codex-tui2 crate that re-exports the existing interactive TUI surface and delegates run_main directly to codex-tui. This keeps behavior identical while giving tui2 its own crate for future viewport work. Wire the codex CLI to select the frontend via the tui2 feature flag. When the merged CLI overrides include features.tui2=true (e.g. via --enable tui2), interactive runs are routed through codex_tui2::run_main; otherwise they continue to use the original codex_tui::run_main. Register Feature::Tui2 in the core feature registry and add the tui2 crate and dependency entries so the new frontend builds alongside the existing TUI. This is a stub that only wires up the feature flag for this. <img width="619" height="364" alt="image" src="https://github.com/user-attachments/assets/4893f030-932f-471e-a443-63fe6b5d8ed9" />
2025-12-09 16:23:53 -08:00
]
fix: introduce AbsolutePathBuf and resolve relative paths in config.toml (#7796) This PR attempts to solve two problems by introducing a `AbsolutePathBuf` type with a special deserializer: - `AbsolutePathBuf` attempts to be a generally useful abstraction, as it ensures, by constructing, that it represents a value that is an absolute, normalized path, which is a stronger guarantee than an arbitrary `PathBuf`. - Values in `config.toml` that can be either an absolute or relative path should be resolved against the folder containing the `config.toml` in the relative path case. This PR makes this easy to support: the main cost is ensuring `AbsolutePathBufGuard` is used inside `deserialize_config_toml_with_base()`. While `AbsolutePathBufGuard` may seem slightly distasteful because it relies on thread-local storage, this seems much cleaner to me than using than my various experiments with https://docs.rs/serde/latest/serde/de/trait.DeserializeSeed.html. Further, since the `deserialize()` method from the `Deserialize` trait is not async, we do not really have to worry about the deserialization work being spread across multiple threads in a way that would interfere with `AbsolutePathBufGuard`. To start, this PR introduces the use of `AbsolutePathBuf` in `OtelTlsConfig`. Note how this simplifies `otel_provider.rs` because it no longer requires `settings.codex_home` to be threaded through. Furthermore, this sets us up better for a world where multiple `config.toml` files from different folders could be loaded and then merged together, as the absolutifying of the paths must be done against the correct parent folder.
2025-12-09 17:37:52 -08:00
[[package]]
name = "codex-utils-absolute-path"
version = "0.0.0"
dependencies = [
"path-absolutize",
fix: introduce AbsolutePathBuf as part of sandbox config (#7856) Changes the `writable_roots` field of the `WorkspaceWrite` variant of the `SandboxPolicy` enum from `Vec<PathBuf>` to `Vec<AbsolutePathBuf>`. This is helpful because now callers can be sure the value is an absolute path rather than a relative one. (Though when using an absolute path in a Seatbelt config policy, we still have to _canonicalize_ it first.) Because `writable_roots` can be read from a config file, it is important that we are able to resolve relative paths properly using the parent folder of the config file as the base path.
2025-12-12 15:25:22 -08:00
"schemars 0.8.22",
fix: introduce AbsolutePathBuf and resolve relative paths in config.toml (#7796) This PR attempts to solve two problems by introducing a `AbsolutePathBuf` type with a special deserializer: - `AbsolutePathBuf` attempts to be a generally useful abstraction, as it ensures, by constructing, that it represents a value that is an absolute, normalized path, which is a stronger guarantee than an arbitrary `PathBuf`. - Values in `config.toml` that can be either an absolute or relative path should be resolved against the folder containing the `config.toml` in the relative path case. This PR makes this easy to support: the main cost is ensuring `AbsolutePathBufGuard` is used inside `deserialize_config_toml_with_base()`. While `AbsolutePathBufGuard` may seem slightly distasteful because it relies on thread-local storage, this seems much cleaner to me than using than my various experiments with https://docs.rs/serde/latest/serde/de/trait.DeserializeSeed.html. Further, since the `deserialize()` method from the `Deserialize` trait is not async, we do not really have to worry about the deserialization work being spread across multiple threads in a way that would interfere with `AbsolutePathBufGuard`. To start, this PR introduces the use of `AbsolutePathBuf` in `OtelTlsConfig`. Note how this simplifies `otel_provider.rs` because it no longer requires `settings.codex_home` to be threaded through. Furthermore, this sets us up better for a world where multiple `config.toml` files from different folders could be loaded and then merged together, as the absolutifying of the paths must be done against the correct parent folder.
2025-12-09 17:37:52 -08:00
"serde",
"serde_json",
"tempfile",
fix: introduce AbsolutePathBuf as part of sandbox config (#7856) Changes the `writable_roots` field of the `WorkspaceWrite` variant of the `SandboxPolicy` enum from `Vec<PathBuf>` to `Vec<AbsolutePathBuf>`. This is helpful because now callers can be sure the value is an absolute path rather than a relative one. (Though when using an absolute path in a Seatbelt config policy, we still have to _canonicalize_ it first.) Because `writable_roots` can be read from a config file, it is important that we are able to resolve relative paths properly using the parent folder of the config file as the base path.
2025-12-12 15:25:22 -08:00
"ts-rs",
fix: introduce AbsolutePathBuf and resolve relative paths in config.toml (#7796) This PR attempts to solve two problems by introducing a `AbsolutePathBuf` type with a special deserializer: - `AbsolutePathBuf` attempts to be a generally useful abstraction, as it ensures, by constructing, that it represents a value that is an absolute, normalized path, which is a stronger guarantee than an arbitrary `PathBuf`. - Values in `config.toml` that can be either an absolute or relative path should be resolved against the folder containing the `config.toml` in the relative path case. This PR makes this easy to support: the main cost is ensuring `AbsolutePathBufGuard` is used inside `deserialize_config_toml_with_base()`. While `AbsolutePathBufGuard` may seem slightly distasteful because it relies on thread-local storage, this seems much cleaner to me than using than my various experiments with https://docs.rs/serde/latest/serde/de/trait.DeserializeSeed.html. Further, since the `deserialize()` method from the `Deserialize` trait is not async, we do not really have to worry about the deserialization work being spread across multiple threads in a way that would interfere with `AbsolutePathBufGuard`. To start, this PR introduces the use of `AbsolutePathBuf` in `OtelTlsConfig`. Note how this simplifies `otel_provider.rs` because it no longer requires `settings.codex_home` to be threaded through. Furthermore, this sets us up better for a world where multiple `config.toml` files from different folders could be loaded and then merged together, as the absolutifying of the paths must be done against the correct parent folder.
2025-12-09 17:37:52 -08:00
]
feat: image resizing (#5446) Add image resizing on the client side to reduce load on the API
2025-10-27 16:58:10 +00:00
[[package]]
name = "codex-utils-cache"
version = "0.0.0"
dependencies = [
chore(deps): bump lru from 0.12.5 to 0.16.2 in /codex-rs (#8045) Bumps [lru](https://github.com/jeromefroe/lru-rs) from 0.12.5 to 0.16.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jeromefroe/lru-rs/blob/master/CHANGELOG.md">lru's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.2">v0.16.2</a> - 2025-10-14</h2> <ul> <li>Upgrade hashbrown dependency to 0.16.0.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.1">v0.16.1</a> - 2025-09-08</h2> <ul> <li>Fix <code>Clone</code> for unbounded cache.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.0">v0.16.0</a> - 2025-07-02</h2> <ul> <li>Implement <code>Clone</code> for caches with custom hashers.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.15.0">v0.15.0</a> - 2025-06-26</h2> <ul> <li>Return bool from <code>promote</code> and <code>demote</code> to indicate whether key was found.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.14.0">v0.14.0</a> - 2025-04-12</h2> <ul> <li>Use <code>NonZeroUsize::MAX</code> instead of <code>unwrap()</code>, and update MSRV to 1.70.0.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.13.0">v0.13.0</a> - 2025-01-27</h2> <ul> <li>Add <code>peek_mru</code> and <code>pop_mru</code> methods, upgrade dependency on <code>hashbrown</code> to 0.15.2, and update MSRV to 1.65.0.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jeromefroe/lru-rs/commit/c1f843ded02d718138483df6ed8da4961accc201"><code>c1f843d</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/223">#223</a> from jeromefroe/jerome/prepare-0-16-2-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/fc4f30953e75e4315d9d965a3e4b7f0968788d2a"><code>fc4f309</code></a> Prepare 0.16.2 release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/e91ea2bd85eabfc0769f1117bbba22699e766cb0"><code>e91ea2b</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/222">#222</a> from torokati44/hashbrown-0.16</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/90d05feff3d795016c4f5a2e44215b35ee5816f7"><code>90d05fe</code></a> Update hashbrown to 0.16</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/c699209232539c72035d942888750878e590ab46"><code>c699209</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/220">#220</a> from jeromefroe/jerome/prepare-0-16-1-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/2bd820703080f0ee840dce10e7bd447fa8d2c83d"><code>2bd8207</code></a> Prepare 0.16.1 release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/1b21bf1c5917e172edbfd0f5f87b2f6d94130724"><code>1b21bf1</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/219">#219</a> from wqfish/bk</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/3ec42b6369082c00da2836fe033db20cb52a36fc"><code>3ec42b6</code></a> Fix clone implementation for unbounded cache</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/e2e3e47c33386672fc715deabf3494b071b8d04c"><code>e2e3e47</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/218">#218</a> from jeromefroe/jerome/prepare-0-16-0-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/17fe4f328aa4149814849ede11c283ff7ee27d31"><code>17fe4f3</code></a> Prepare 0.16.0 release</li> <li>Additional commits viewable in <a href="https://github.com/jeromefroe/lru-rs/compare/0.12.5...0.16.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lru&package-manager=cargo&previous-version=0.12.5&new-version=0.16.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:32:15 -08:00
"lru 0.16.2",
feat: image resizing (#5446) Add image resizing on the client side to reduce load on the API
2025-10-27 16:58:10 +00:00
"sha1",
"tokio",
]
[[package]]
name = "codex-utils-image"
version = "0.0.0"
dependencies = [
"base64",
"codex-utils-cache",
"image",
"tempfile",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
feat: image resizing (#5446) Add image resizing on the client side to reduce load on the API
2025-10-27 16:58:10 +00:00
"tokio",
]
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
[[package]]
name = "codex-utils-json-to-toml"
version = "0.0.0"
dependencies = [
"pretty_assertions",
"serde_json",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"toml 0.9.5",
fix: separate `codex mcp` into `codex mcp-server` and `codex app-server` (#4471) This is a very large PR with some non-backwards-compatible changes. Historically, `codex mcp` (or `codex mcp serve`) started a JSON-RPC-ish server that had two overlapping responsibilities: - Running an MCP server, providing some basic tool calls. - Running the app server used to power experiences such as the VS Code extension. This PR aims to separate these into distinct concepts: - `codex mcp-server` for the MCP server - `codex app-server` for the "application server" Note `codex mcp` still exists because it already has its own subcommands for MCP management (`list`, `add`, etc.) The MCP logic continues to live in `codex-rs/mcp-server` whereas the refactored app server logic is in the new `codex-rs/app-server` folder. Note that most of the existing integration tests in `codex-rs/mcp-server/tests/suite` were actually for the app server, so all the tests have been moved with the exception of `codex-rs/mcp-server/tests/suite/mod.rs`. Because this is already a large diff, I tried not to change more than I had to, so `codex-rs/app-server/tests/common/mcp_process.rs` still uses the name `McpProcess` for now, but I will do some mechanical renamings to things like `AppServer` in subsequent PRs. While `mcp-server` and `app-server` share some overlapping functionality (like reading streams of JSONL and dispatching based on message types) and some differences (completely different message types), I ended up doing a bit of copypasta between the two crates, as both have somewhat similar `message_processor.rs` and `outgoing_message.rs` files for now, though I expect them to diverge more in the near future. One material change is that of the initialize handshake for `codex app-server`, as we no longer use the MCP types for that handshake. Instead, we update `codex-rs/protocol/src/mcp_protocol.rs` to add an `Initialize` variant to `ClientRequest`, which takes the `ClientInfo` object we need to update the `USER_AGENT_SUFFIX` in `codex-rs/app-server/src/message_processor.rs`. One other material change is in `codex-rs/app-server/src/codex_message_processor.rs` where I eliminated a use of the `send_event_as_notification()` method I am generally trying to deprecate (because it blindly maps an `EventMsg` into a `JSONNotification`) in favor of `send_server_notification()`, which takes a `ServerNotification`, as that is intended to be a custom enum of all notification types supported by the app server. So to make this update, I had to introduce a new variant of `ServerNotification`, `SessionConfigured`, which is a non-backwards compatible change with the old `codex mcp`, and clients will have to be updated after the next release that contains this PR. Note that `codex-rs/app-server/tests/suite/list_resume.rs` also had to be update to reflect this change. I introduced `codex-rs/utils/json-to-toml/src/lib.rs` as a small utility crate to avoid some of the copying between `mcp-server` and `app-server`.
2025-09-30 00:06:18 -07:00
]
chore: rework tools execution workflow (#5278) Re-work the tool execution flow. Read `orchestrator.rs` to understand the structure
2025-10-20 20:57:37 +01:00
[[package]]
name = "codex-utils-pty"
version = "0.0.0"
dependencies = [
"anyhow",
Vendor ConPtySystem (#7656) The repo we were depending on is very large and we need very small part of it. --------- Co-authored-by: Pavel <pavel@krymets.com>
2025-12-09 09:23:51 -08:00
"filedescriptor",
"lazy_static",
"log",
chore: rework tools execution workflow (#5278) Re-work the tool execution flow. Read `orchestrator.rs` to understand the structure
2025-10-20 20:57:37 +01:00
"portable-pty",
Vendor ConPtySystem (#7656) The repo we were depending on is very large and we need very small part of it. --------- Co-authored-by: Pavel <pavel@krymets.com>
2025-12-09 09:23:51 -08:00
"shared_library",
chore: rework tools execution workflow (#5278) Re-work the tool execution flow. Read `orchestrator.rs` to understand the structure
2025-10-20 20:57:37 +01:00
"tokio",
Vendor ConPtySystem (#7656) The repo we were depending on is very large and we need very small part of it. --------- Co-authored-by: Pavel <pavel@krymets.com>
2025-12-09 09:23:51 -08:00
"winapi",
chore: rework tools execution workflow (#5278) Re-work the tool execution flow. Read `orchestrator.rs` to understand the structure
2025-10-20 20:57:37 +01:00
]
chore: extract readiness in a dedicated utils crate (#4140) Create an `utils` directory for the small utils crates
2025-09-24 11:15:54 +01:00
[[package]]
name = "codex-utils-readiness"
version = "0.0.0"
dependencies = [
Use assert_matches (#4756) assert_matches is soon to be in std but is experimental for now.
2025-10-05 14:12:31 -07:00
"assert_matches",
chore: extract readiness in a dedicated utils crate (#4140) Create an `utils` directory for the small utils crates
2025-09-24 11:15:54 +01:00
"async-trait",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
chore: extract readiness in a dedicated utils crate (#4140) Create an `utils` directory for the small utils crates
2025-09-24 11:15:54 +01:00
"time",
"tokio",
]
chore: refactor tool handling (#4510) # Tool System Refactor - Centralizes tool definitions and execution in `core/src/tools/*`: specs (`spec.rs`), handlers (`handlers/*`), router (`router.rs`), registry/dispatch (`registry.rs`), and shared context (`context.rs`). One registry now builds the model-visible tool list and binds handlers. - Router converts model responses to tool calls; Registry dispatches with consistent telemetry via `codex-rs/otel` and unified error handling. Function, Local Shell, MCP, and experimental `unified_exec` all flow through this path; legacy shell aliases still work. - Rationale: reduce per‑tool boilerplate, keep spec/handler in sync, and make adding tools predictable and testable. Example: `read_file` - Spec: `core/src/tools/spec.rs` (see `create_read_file_tool`, registered by `build_specs`). - Handler: `core/src/tools/handlers/read_file.rs` (absolute `file_path`, 1‑indexed `offset`, `limit`, `L#: ` prefixes, safe truncation). - E2E test: `core/tests/suite/read_file.rs` validates the tool returns the requested lines. ## Next steps: - Decompose `handle_container_exec_with_params` - Add parallel tool calls
2025-10-03 13:21:06 +01:00
[[package]]
name = "codex-utils-string"
version = "0.0.0"
Windows Sandbox - Alpha version (#4905) - Added the new codex-windows-sandbox crate that builds both a library entry point (run_windows_sandbox_capture) and a CLI executable to launch commands inside a Windows restricted-token sandbox, including ACL management, capability SID provisioning, network lockdown, and output capture (windows-sandbox-rs/src/lib.rs:167, windows-sandbox-rs/src/main.rs:54). - Introduced the experimental WindowsSandbox feature flag and wiring so Windows builds can opt into the sandbox: SandboxType::WindowsRestrictedToken, the in-process execution path, and platform sandbox selection now honor the flag (core/src/features.rs:47, core/src/config.rs:1224, core/src/safety.rs:19, core/src/sandboxing/mod.rs:69, core/src/exec.rs:79, core/src/exec.rs:172). - Updated workspace metadata to include the new crate and its Windows-specific dependencies so the core crate can link against it (codex-rs/ Cargo.toml:91, core/Cargo.toml:86). - Added a PowerShell bootstrap script that installs the Windows toolchain, required CLI utilities, and builds the workspace to ease development on the platform (scripts/setup-windows.ps1:1). - Landed a Python smoke-test suite that exercises read-only/workspace-write policies, ACL behavior, and network denial for the Windows sandbox binary (windows-sandbox-rs/sandbox_smoketests.py:1).
2025-10-30 15:51:57 -07:00
[[package]]
name = "codex-windows-sandbox"
chore: add cargo-deny configuration (#7119) - add GitHub workflow running cargo-deny on push/PR - document cargo-deny allowlist with workspace-dep notes and advisory ignores - align workspace crates to inherit version/edition/license for consistent checks
2025-11-24 12:22:18 -08:00
version = "0.0.0"
Windows Sandbox - Alpha version (#4905) - Added the new codex-windows-sandbox crate that builds both a library entry point (run_windows_sandbox_capture) and a CLI executable to launch commands inside a Windows restricted-token sandbox, including ACL management, capability SID provisioning, network lockdown, and output capture (windows-sandbox-rs/src/lib.rs:167, windows-sandbox-rs/src/main.rs:54). - Introduced the experimental WindowsSandbox feature flag and wiring so Windows builds can opt into the sandbox: SandboxType::WindowsRestrictedToken, the in-process execution path, and platform sandbox selection now honor the flag (core/src/features.rs:47, core/src/config.rs:1224, core/src/safety.rs:19, core/src/sandboxing/mod.rs:69, core/src/exec.rs:79, core/src/exec.rs:172). - Updated workspace metadata to include the new crate and its Windows-specific dependencies so the core crate can link against it (codex-rs/ Cargo.toml:91, core/Cargo.toml:86). - Added a PowerShell bootstrap script that installs the Windows toolchain, required CLI utilities, and builds the workspace to ease development on the platform (scripts/setup-windows.ps1:1). - Landed a Python smoke-test suite that exercises read-only/workspace-write policies, ACL behavior, and network denial for the Windows sandbox binary (windows-sandbox-rs/sandbox_smoketests.py:1).
2025-10-30 15:51:57 -07:00
dependencies = [
"anyhow",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"base64",
Elevated Sandbox 1 (#7788) - updating helpers, refactoring some functions that will be used in the elevated sandbox - better logging - better and faster handling of ACL checks/writes - No functional change—legacy restricted-token sandbox remains the only path.
2025-12-09 19:00:33 -08:00
"chrono",
windows sandbox: support multiple workspace roots (#6854) The Windows sandbox did not previously support multiple workspace roots via config. Now it does
2025-11-18 16:35:00 -08:00
"codex-protocol",
fix: introduce AbsolutePathBuf as part of sandbox config (#7856) Changes the `writable_roots` field of the `WorkspaceWrite` variant of the `SandboxPolicy` enum from `Vec<PathBuf>` to `Vec<AbsolutePathBuf>`. This is helpful because now callers can be sure the value is an absolute path rather than a relative one. (Though when using an absolute path in a Seatbelt config policy, we still have to _canonicalize_ it first.) Because `writable_roots` can be read from a config file, it is important that we are able to resolve relative paths properly using the parent folder of the config file as the base path.
2025-12-12 15:25:22 -08:00
"codex-utils-absolute-path",
Windows Sandbox - Alpha version (#4905) - Added the new codex-windows-sandbox crate that builds both a library entry point (run_windows_sandbox_capture) and a CLI executable to launch commands inside a Windows restricted-token sandbox, including ACL management, capability SID provisioning, network lockdown, and output capture (windows-sandbox-rs/src/lib.rs:167, windows-sandbox-rs/src/main.rs:54). - Introduced the experimental WindowsSandbox feature flag and wiring so Windows builds can opt into the sandbox: SandboxType::WindowsRestrictedToken, the in-process execution path, and platform sandbox selection now honor the flag (core/src/features.rs:47, core/src/config.rs:1224, core/src/safety.rs:19, core/src/sandboxing/mod.rs:69, core/src/exec.rs:79, core/src/exec.rs:172). - Updated workspace metadata to include the new crate and its Windows-specific dependencies so the core crate can link against it (codex-rs/ Cargo.toml:91, core/Cargo.toml:86). - Added a PowerShell bootstrap script that installs the Windows toolchain, required CLI utilities, and builds the workspace to ease development on the platform (scripts/setup-windows.ps1:1). - Landed a Python smoke-test suite that exercises read-only/workspace-write policies, ACL behavior, and network denial for the Windows sandbox binary (windows-sandbox-rs/sandbox_smoketests.py:1).
2025-10-30 15:51:57 -07:00
"dirs-next",
Improve world-writable scan (#6381) 1. scan many more directories since it's much faster than the original implementation 2. limit overall scan time to 2s 3. skip some directories that are noisy - ApplicationData, Installer, etc.
2025-11-07 21:28:55 -08:00
"dunce",
feat: introduce ExternalSandbox policy (#8290) ## Description Introduced `ExternalSandbox` policy to cover use case when sandbox defined by outside environment, effectively it translates to `SandboxMode#DangerFullAccess` for file system (since sandbox configured on container level) and configurable `network_access` (either Restricted or Enabled by outside environment). as example you can configure `ExternalSandbox` policy as part of `sendUserTurn` v1 app_server API: ``` { "conversationId": <id>, "cwd": <cwd>, "approvalPolicy": "never", "sandboxPolicy": { "type": ""external-sandbox", "network_access": "enabled"/"restricted" }, "model": <model>, "effort": <effort>, .... } ```
2025-12-18 17:02:03 -08:00
"pretty_assertions",
Windows Sandbox - Alpha version (#4905) - Added the new codex-windows-sandbox crate that builds both a library entry point (run_windows_sandbox_capture) and a CLI executable to launch commands inside a Windows restricted-token sandbox, including ACL management, capability SID provisioning, network lockdown, and output capture (windows-sandbox-rs/src/lib.rs:167, windows-sandbox-rs/src/main.rs:54). - Introduced the experimental WindowsSandbox feature flag and wiring so Windows builds can opt into the sandbox: SandboxType::WindowsRestrictedToken, the in-process execution path, and platform sandbox selection now honor the flag (core/src/features.rs:47, core/src/config.rs:1224, core/src/safety.rs:19, core/src/sandboxing/mod.rs:69, core/src/exec.rs:79, core/src/exec.rs:172). - Updated workspace metadata to include the new crate and its Windows-specific dependencies so the core crate can link against it (codex-rs/ Cargo.toml:91, core/Cargo.toml:86). - Added a PowerShell bootstrap script that installs the Windows toolchain, required CLI utilities, and builds the workspace to ease development on the platform (scripts/setup-windows.ps1:1). - Landed a Python smoke-test suite that exercises read-only/workspace-write policies, ACL behavior, and network denial for the Windows sandbox binary (windows-sandbox-rs/sandbox_smoketests.py:1).
2025-10-30 15:51:57 -07:00
"rand 0.8.5",
"serde",
"serde_json",
Windows Sandbox: treat <workspace_root>/.git as read-only in workspace-write mode (#7142) this functionality is [supported](https://github.com/openai/codex/blob/main/codex-rs/protocol/src/protocol.rs#L421-L422) in the MacOs sandbox as well. Adding it to Windows for parity This PR also changes `rust-ci.yaml` to work around a github `hashFiles` issue. Others have done something [similar](https://github.com/openai/superassistant/pull/32156) today
2025-11-24 12:41:21 -08:00
"tempfile",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"windows 0.58.0",
Windows Sandbox - Alpha version (#4905) - Added the new codex-windows-sandbox crate that builds both a library entry point (run_windows_sandbox_capture) and a CLI executable to launch commands inside a Windows restricted-token sandbox, including ACL management, capability SID provisioning, network lockdown, and output capture (windows-sandbox-rs/src/lib.rs:167, windows-sandbox-rs/src/main.rs:54). - Introduced the experimental WindowsSandbox feature flag and wiring so Windows builds can opt into the sandbox: SandboxType::WindowsRestrictedToken, the in-process execution path, and platform sandbox selection now honor the flag (core/src/features.rs:47, core/src/config.rs:1224, core/src/safety.rs:19, core/src/sandboxing/mod.rs:69, core/src/exec.rs:79, core/src/exec.rs:172). - Updated workspace metadata to include the new crate and its Windows-specific dependencies so the core crate can link against it (codex-rs/ Cargo.toml:91, core/Cargo.toml:86). - Added a PowerShell bootstrap script that installs the Windows toolchain, required CLI utilities, and builds the workspace to ease development on the platform (scripts/setup-windows.ps1:1). - Landed a Python smoke-test suite that exercises read-only/workspace-write policies, ACL behavior, and network denial for the Windows sandbox binary (windows-sandbox-rs/sandbox_smoketests.py:1).
2025-10-30 15:51:57 -07:00
"windows-sys 0.52.0",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"winres",
Windows Sandbox - Alpha version (#4905) - Added the new codex-windows-sandbox crate that builds both a library entry point (run_windows_sandbox_capture) and a CLI executable to launch commands inside a Windows restricted-token sandbox, including ACL management, capability SID provisioning, network lockdown, and output capture (windows-sandbox-rs/src/lib.rs:167, windows-sandbox-rs/src/main.rs:54). - Introduced the experimental WindowsSandbox feature flag and wiring so Windows builds can opt into the sandbox: SandboxType::WindowsRestrictedToken, the in-process execution path, and platform sandbox selection now honor the flag (core/src/features.rs:47, core/src/config.rs:1224, core/src/safety.rs:19, core/src/sandboxing/mod.rs:69, core/src/exec.rs:79, core/src/exec.rs:172). - Updated workspace metadata to include the new crate and its Windows-specific dependencies so the core crate can link against it (codex-rs/ Cargo.toml:91, core/Cargo.toml:86). - Added a PowerShell bootstrap script that installs the Windows toolchain, required CLI utilities, and builds the workspace to ease development on the platform (scripts/setup-windows.ps1:1). - Landed a Python smoke-test suite that exercises read-only/workspace-write policies, ACL behavior, and network denial for the Windows sandbox binary (windows-sandbox-rs/sandbox_smoketests.py:1).
2025-10-30 15:51:57 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "color-eyre"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.6.5"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "e5920befb47832a6d61ee3a3a846565cfa39b331331e68a3b1d1116630f2f26d"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"backtrace",
"color-spantrace",
"eyre",
"indenter",
"once_cell",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"owo-colors",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tracing-error",
]
[[package]]
name = "color-spantrace"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.3.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "b8b88ea9df13354b55bc7234ebcce36e6ef896aca2e42a15de9e10edce01b427"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"once_cell",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"owo-colors",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tracing-core",
"tracing-error",
]
[[package]]
name = "colorchoice"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "1.0.4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "b05b61dc5112cbb17e4b6cd61790d9845d13888356391624cbe7e41efeac1e75"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "combine"
version = "4.6.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba5a308b75df32fe02788e748662718f03fde005016435c444eea572398219fd"
dependencies = [
"bytes",
"memchr",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "compact_str"
version = "0.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3b79c4069c6cad78e2e0cdfcbd26275770669fb39fd308a752dc110e83b9af32"
dependencies = [
"castaway",
"cfg-if",
"itoa",
"rustversion",
"ryu",
"static_assertions",
]
[[package]]
name = "concurrent-queue"
version = "2.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4ca0197aee26d1ae37445ee532fefce43251d24cc7c166799f4d46817f1d3973"
dependencies = [
"crossbeam-utils",
]
Add paste summarization to Codex TUI (#1549) ## Summary - introduce `Paste` event to avoid per-character paste handling - collapse large pasted blocks to `[Pasted Content X lines]` - store the real text so submission still includes it - wire paste handling through `App`, `ChatWidget`, `BottomPane`, and `ChatComposer` ## Testing - `cargo test -p codex-tui` ------ https://chatgpt.com/codex/tasks/task_i_6871e24abf80832184d1f3ca0c61a5ee https://github.com/user-attachments/assets/eda7412f-da30-4474-9f7c-96b49d48fbf8
2025-07-12 15:32:00 -07:00
[[package]]
name = "console"
version = "0.15.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "054ccb5b10f9f2cbf51eb355ca1d05c2d279ce1804688d0db74b4733a5aeafd8"
dependencies = [
"encode_unicode",
"libc",
"once_cell",
"windows-sys 0.59.0",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "convert_case"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ec182b0ca2f35d8fc196cf3404988fd8b8c739a4d270ff118a398feb0cbec1ca"
dependencies = [
"unicode-segmentation",
]
refactor(terminal): cleanup deprecated flush logic (#6373) Removes flush logic that was leftover to test against ratatui's flush Cleaned up the flush logic so it's a bit more intent revealing. DrawCommand now owns the Cells that it draws as this works around a borrow checker problem.
2025-11-07 15:54:07 -08:00
[[package]]
name = "convert_case"
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
version = "0.7.1"
refactor(terminal): cleanup deprecated flush logic (#6373) Removes flush logic that was leftover to test against ratatui's flush Cleaned up the flush logic so it's a bit more intent revealing. DrawCommand now owns the Cells that it draws as this works around a borrow checker problem.
2025-11-07 15:54:07 -08:00
source = "registry+https://github.com/rust-lang/crates.io-index"
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
checksum = "bb402b8d4c85569410425650ce3eddc7d698ed96d39a73f941b08fb63082f1e7"
refactor(terminal): cleanup deprecated flush logic (#6373) Removes flush logic that was leftover to test against ratatui's flush Cleaned up the flush logic so it's a bit more intent revealing. DrawCommand now owns the Cells that it draws as this works around a borrow checker problem.
2025-11-07 15:54:07 -08:00
dependencies = [
"unicode-segmentation",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "core-foundation"
version = "0.9.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "91e195e091a93c46f7102ec7818a2aa394e1e1771c3ab4825963fa03e45afb8f"
dependencies = [
"core-foundation-sys",
"libc",
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "core-foundation"
version = "0.10.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b2a6cd9ae233e7f62ba4e9353e81a88df7fc8a5987b8d445b4d90c879bd156f6"
dependencies = [
"core-foundation-sys",
"libc",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "core-foundation-sys"
version = "0.8.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "773648b94d0e5d620f64f280777445740e61fe701025087ec8b57f45c791888b"
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
[[package]]
name = "core_test_support"
version = "0.0.0"
dependencies = [
Add notifier tests (#4064) Proposal: 1. Use anyhow for tests and avoid unwrap 2. Extract a helper for starting a test instance of codex
2025-09-23 07:25:46 -07:00
"anyhow",
Add codex exec testing helpers (#4254) Add a shortcut to create working directories and run codex exec with fake server.
2025-09-25 17:12:45 -07:00
"assert_cmd",
Account for encrypted reasoning for auto compaction (#7113) - The total token used returned from the api doesn't account for the reasoning items before the assistant message - Account for those for auto compaction - Add the encrypted reasoning effort in the common tests utils - Add a test to make sure it works as expected
2025-11-21 19:06:45 -08:00
"base64",
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
"codex-core",
chore: testing on apply_path (#5557)
2025-10-23 17:00:48 +01:00
"codex-protocol",
fix: added test helpers for platform-specific paths (#7954) This addresses post-merge feedback from https://github.com/openai/codex/pull/7856.
2025-12-12 16:14:12 -08:00
"codex-utils-absolute-path",
test: reduce time dependency on test harness (#5053) Tightened the CLI integration tests to stop relying on wall-clock sleeps—new fs watcher helper waits for session files instead of timing out, and SSE mocks/fixtures make the flows deterministic.
2025-10-15 09:56:59 +01:00
"notify",
fix parallel tool calls (#7956)
2025-12-15 17:28:27 -08:00
"pretty_assertions",
Make output assertions more explicit (#4784) Match using precise regexes.
2025-10-05 16:01:38 -07:00
"regex-lite",
fix parallel tool calls (#7956)
2025-12-15 17:28:27 -08:00
"reqwest",
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
"serde_json",
Migrate coverage to shell_command (#7042)
2025-11-20 19:44:00 -08:00
"shlex",
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
"tempfile",
"tokio",
test: reduce time dependency on test harness (#5053) Tightened the CLI integration tests to stop relying on wall-clock sleeps—new fs watcher helper waits for session files instead of timing out, and SSE mocks/fixtures make the flows deterministic.
2025-10-15 09:56:59 +01:00
"walkdir",
Move responses mocking helpers to a shared lib (#3878) These are generally useful
2025-09-18 17:53:14 -07:00
"wiremock",
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
]
fix: trim MCP tool names to fit into tool name length limit (#1571) Store fully qualified names along with tool entries so we don't have to re-parse them. Fixes: https://github.com/openai/codex/issues/1289
2025-07-17 11:35:38 -07:00
[[package]]
name = "cpufeatures"
version = "0.2.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "59ed5838eebb26a2bb2e58f6d5b5316989ae9d08bab10e0e6d103e656d1b0280"
dependencies = [
"libc",
]
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
[[package]]
name = "crc32fast"
fix: correctly wrap history items (#1685) The overall idea here is: skip ratatui for writing into scrollback, because its primitives are wrong. We want to render full lines of text, that will be wrapped natively by the terminal, and which we never plan to update using ratatui (so the `Buffer` struct is overhead and in fact an inhibition). Instead, we use ANSI scrolling regions (link reference doc to come). Essentially, we: 1. Define a scrolling region that extends from the top of the prompt area all the way to the top of scrollback 2. Scroll that region up by N < (screen_height - viewport_height) lines, in this PR N=1 3. Put our cursor at the top of the newly empty region 4. Print out our new text like normal The terminal interactions here (write_spans and its dependencies) are mostly extracted from ratatui.
2025-07-28 07:45:49 -07:00
version = "1.5.0"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: correctly wrap history items (#1685) The overall idea here is: skip ratatui for writing into scrollback, because its primitives are wrong. We want to render full lines of text, that will be wrapped natively by the terminal, and which we never plan to update using ratatui (so the `Buffer` struct is overhead and in fact an inhibition). Instead, we use ANSI scrolling regions (link reference doc to come). Essentially, we: 1. Define a scrolling region that extends from the top of the prompt area all the way to the top of scrollback 2. Scroll that region up by N < (screen_height - viewport_height) lines, in this PR N=1 3. Put our cursor at the top of the newly empty region 4. Print out our new text like normal The terminal interactions here (write_spans and its dependencies) are mostly extracted from ratatui.
2025-07-28 07:45:49 -07:00
checksum = "9481c1c90cbf2ac953f07c8d4a58aa3945c425b7185c9154d67a65e4230da511"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
dependencies = [
"cfg-if",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "crossbeam-channel"
version = "0.5.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "82b8f8f868b36967f9606790d1903570de9ceaf870a7bf9fbbd3016d636a2cb2"
dependencies = [
"crossbeam-utils",
]
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "crossbeam-deque"
version = "0.8.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9dd111b7b7f7d55b72c0a6ae361660ee5853c9af73f70c3c2ef6858b950e2e51"
dependencies = [
"crossbeam-epoch",
"crossbeam-utils",
]
[[package]]
name = "crossbeam-epoch"
version = "0.9.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5b82ac4a3c2ca9c3460964f020e1402edd5753411d7737aa39c3714ad1b5420e"
dependencies = [
"crossbeam-utils",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "crossbeam-utils"
version = "0.8.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d0a5c400df2834b80a4c3327b3aad3a4c4cd4de0629063962b03235697506a28"
[[package]]
name = "crossterm"
version = "0.28.1"
tui: patch crossterm for better color queries (#5935) See https://github.com/crossterm-rs/crossterm/compare/master...nornagon:crossterm:nornagon/color-query This patches crossterm to add support for querying fg/bg color as part of the crossterm event loop, which fixes some issues where this query would fight with other input. - dragging screenshots into the cli would sometimes paste half of the pathname instead of being recognized as an image (https://github.com/openai/codex/issues/5603) - Fixes https://github.com/openai/codex/issues/4945
2025-10-31 16:36:41 -07:00
source = "git+https://github.com/nornagon/crossterm?branch=nornagon%2Fcolor-query#87db8bfa6dc99427fd3b071681b07fc31c6ce995"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"crossterm_winapi",
tui: switch to using tokio + EventStream for processing crossterm events (#2489) bringing the tui more into tokio-land to make it easier to factorize. fyi @bolinfest
2025-08-20 10:11:09 -07:00
"futures-core",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"mio",
"parking_lot",
"rustix 0.38.44",
"signal-hook",
"signal-hook-mio",
"winapi",
]
[[package]]
name = "crossterm_winapi"
version = "0.9.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "acdd7c62a3665c7f6830a51635d9ac9b23ed385797f70a83bb8bafe9c572ab2b"
dependencies = [
"winapi",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "crunchy"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.2.4"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "460fbee9c2c2f33933d720630a6a0bac33ba7053db5344fac858d4b8952d77d5"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
fix: trim MCP tool names to fit into tool name length limit (#1571) Store fully qualified names along with tool entries so we don't have to re-parse them. Fixes: https://github.com/openai/codex/issues/1289
2025-07-17 11:35:38 -07:00
[[package]]
name = "crypto-common"
version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
dependencies = [
"generic-array",
"typenum",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "ctor"
version = "0.1.26"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6d2301688392eb071b0bf1a37be05c469d3cc4dbbd95df672fe28ab021e6a096"
dependencies = [
"quote",
"syn 1.0.109",
]
feat: add support for CODEX_SECURE_MODE=1 to restrict process observability (#4220) Because the `codex` process could contain sensitive information in memory, such as API keys, we add logic so that when `CODEX_SECURE_MODE=1` is specified, we avail ourselves of whatever the operating system provides to restrict observability/tampering, which includes: - disabling `ptrace(2)`, so it is not possible to attach to the process with a debugger, such as `gdb` - disabling core dumps Admittedly, a user with root privileges can defeat these safeguards. For now, we only add support for this in the `codex` multitool, but we may ultimately want to support this in some of the smaller CLIs that are buildable out of our Cargo workspace.
2025-09-25 10:02:28 -07:00
[[package]]
name = "ctor"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "67773048316103656a637612c4a62477603b777d91d9c62ff2290f9cde178fdb"
dependencies = [
"ctor-proc-macro",
"dtor",
]
[[package]]
name = "ctor-proc-macro"
version = "0.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e2931af7e13dc045d8e9d26afccc6fa115d64e115c9c84b1166288b46f6782c2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "darling"
version = "0.20.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fc7f46116c46ff9ab3eb1597a45688b6715c6e628b5c133e288e709a29bcb4ee"
dependencies = [
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"darling_core 0.20.11",
"darling_macro 0.20.11",
]
[[package]]
name = "darling"
version = "0.21.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9cdf337090841a411e2a7f3deb9187445851f91b309c0c0a29e05f74a00a48c0"
dependencies = [
"darling_core 0.21.3",
"darling_macro 0.21.3",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
chore: upgrade rmcp crate from 0.10.0 to 0.12.0 (#8288) Version `0.12.0` includes https://github.com/modelcontextprotocol/rust-sdk/pull/590, which I will use in https://github.com/openai/codex/pull/8142. Changes: - `rmcp::model::CustomClientNotification` was renamed to `rmcp::model::CustomNotification` - a bunch of types have a `meta` field now, but it is `Option`, so I added `meta: None` to a bunch of things
2025-12-18 14:28:46 -08:00
[[package]]
name = "darling"
version = "0.23.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "25ae13da2f202d56bd7f91c25fba009e7717a1e4a1cc98a76d844b65ae912e9d"
dependencies = [
"darling_core 0.23.0",
"darling_macro 0.23.0",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "darling_core"
version = "0.20.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0d00b9596d185e565c2207a0b01f8bd1a135483d02d9b7b0a54b11da8d53412e"
dependencies = [
"fnv",
"ident_case",
"proc-macro2",
"quote",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"strsim 0.11.1",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
[[package]]
name = "darling_core"
version = "0.21.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1247195ecd7e3c85f83c8d2a366e4210d588e802133e1e355180a9870b517ea4"
dependencies = [
"fnv",
"ident_case",
"proc-macro2",
"quote",
"strsim 0.11.1",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
]
chore: upgrade rmcp crate from 0.10.0 to 0.12.0 (#8288) Version `0.12.0` includes https://github.com/modelcontextprotocol/rust-sdk/pull/590, which I will use in https://github.com/openai/codex/pull/8142. Changes: - `rmcp::model::CustomClientNotification` was renamed to `rmcp::model::CustomNotification` - a bunch of types have a `meta` field now, but it is `Option`, so I added `meta: None` to a bunch of things
2025-12-18 14:28:46 -08:00
[[package]]
name = "darling_core"
version = "0.23.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9865a50f7c335f53564bb694ef660825eb8610e0a53d3e11bf1b0d3df31e03b0"
dependencies = [
"ident_case",
"proc-macro2",
"quote",
"strsim 0.11.1",
"syn 2.0.104",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "darling_macro"
version = "0.20.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fc34b93ccb385b40dc71c6fceac4b2ad23662c7eeb248cf10d529b7e055b6ead"
dependencies = [
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"darling_core 0.20.11",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
]
[[package]]
name = "darling_macro"
version = "0.21.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d38308df82d1080de0afee5d069fa14b0326a88c14f15c5ccda35b4a6c414c81"
dependencies = [
"darling_core 0.21.3",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
]
chore: upgrade rmcp crate from 0.10.0 to 0.12.0 (#8288) Version `0.12.0` includes https://github.com/modelcontextprotocol/rust-sdk/pull/590, which I will use in https://github.com/openai/codex/pull/8142. Changes: - `rmcp::model::CustomClientNotification` was renamed to `rmcp::model::CustomNotification` - a bunch of types have a `meta` field now, but it is `Option`, so I added `meta: None` to a bunch of things
2025-12-18 14:28:46 -08:00
[[package]]
name = "darling_macro"
version = "0.23.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ac3984ec7bd6cfa798e62b4a642426a5be0e68f9401cfc2a01e3fa9ea2fcdb8d"
dependencies = [
"darling_core 0.23.0",
"quote",
"syn 2.0.104",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "dbus"
version = "0.9.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "190b6255e8ab55a7b568df5a883e9497edc3e4821c06396612048b430e5ad1e9"
dependencies = [
"libc",
"libdbus-sys",
"windows-sys 0.59.0",
]
[[package]]
name = "dbus-secret-service"
version = "4.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "708b509edf7889e53d7efb0ffadd994cc6c2345ccb62f55cfd6b0682165e4fa6"
dependencies = [
"aes",
"block-padding",
"cbc",
"dbus",
"fastrand",
"hkdf",
"num",
"once_cell",
"sha2",
"zeroize",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "deadpool"
chore(deps): bump wiremock from 0.6.4 to 0.6.5 in /codex-rs (#2666) Bumps [wiremock](https://github.com/LukeMathWalker/wiremock-rs) from 0.6.4 to 0.6.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/6b193047bf2c5626da5dc5f3a23b58ab9bd3f130"><code>6b19304</code></a> chore: Release wiremock version 0.6.5</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/ebaa70b024eb05a46b2192d801e4281ad663488f"><code>ebaa70b</code></a> feat: Make method and MethodExactMatcher case in-sensitive (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/165">#165</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/613b4f91353133bfced5ed973f04b8dd020ef032"><code>613b4f9</code></a> Make <code>BodyPrintLimit</code> public (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/167">#167</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/abfafd2227cb00c42b7b057faed6d2d96c42f9b8"><code>abfafd2</code></a> chore: Upgrade all deps to their latest version (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/170">#170</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/60688cfddebfdeb9d46ebc70079c8f7e4a5e8fcb"><code>60688cf</code></a> ci: Upgrade actions. Upgrade dependencies. (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/169">#169</a>)</li> <li>See full diff in <a href="https://github.com/LukeMathWalker/wiremock-rs/compare/v0.6.4...v0.6.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=wiremock&package-manager=cargo&previous-version=0.6.4&new-version=0.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-03 23:18:42 -07:00
version = "0.12.3"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump wiremock from 0.6.4 to 0.6.5 in /codex-rs (#2666) Bumps [wiremock](https://github.com/LukeMathWalker/wiremock-rs) from 0.6.4 to 0.6.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/6b193047bf2c5626da5dc5f3a23b58ab9bd3f130"><code>6b19304</code></a> chore: Release wiremock version 0.6.5</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/ebaa70b024eb05a46b2192d801e4281ad663488f"><code>ebaa70b</code></a> feat: Make method and MethodExactMatcher case in-sensitive (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/165">#165</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/613b4f91353133bfced5ed973f04b8dd020ef032"><code>613b4f9</code></a> Make <code>BodyPrintLimit</code> public (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/167">#167</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/abfafd2227cb00c42b7b057faed6d2d96c42f9b8"><code>abfafd2</code></a> chore: Upgrade all deps to their latest version (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/170">#170</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/60688cfddebfdeb9d46ebc70079c8f7e4a5e8fcb"><code>60688cf</code></a> ci: Upgrade actions. Upgrade dependencies. (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/169">#169</a>)</li> <li>See full diff in <a href="https://github.com/LukeMathWalker/wiremock-rs/compare/v0.6.4...v0.6.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=wiremock&package-manager=cargo&previous-version=0.6.4&new-version=0.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-03 23:18:42 -07:00
checksum = "0be2b1d1d6ec8d846f05e137292d0b89133caf95ef33695424c09568bdd39b1b"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"deadpool-runtime",
chore(deps): bump wiremock from 0.6.4 to 0.6.5 in /codex-rs (#2666) Bumps [wiremock](https://github.com/LukeMathWalker/wiremock-rs) from 0.6.4 to 0.6.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/6b193047bf2c5626da5dc5f3a23b58ab9bd3f130"><code>6b19304</code></a> chore: Release wiremock version 0.6.5</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/ebaa70b024eb05a46b2192d801e4281ad663488f"><code>ebaa70b</code></a> feat: Make method and MethodExactMatcher case in-sensitive (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/165">#165</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/613b4f91353133bfced5ed973f04b8dd020ef032"><code>613b4f9</code></a> Make <code>BodyPrintLimit</code> public (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/167">#167</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/abfafd2227cb00c42b7b057faed6d2d96c42f9b8"><code>abfafd2</code></a> chore: Upgrade all deps to their latest version (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/170">#170</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/60688cfddebfdeb9d46ebc70079c8f7e4a5e8fcb"><code>60688cf</code></a> ci: Upgrade actions. Upgrade dependencies. (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/169">#169</a>)</li> <li>See full diff in <a href="https://github.com/LukeMathWalker/wiremock-rs/compare/v0.6.4...v0.6.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=wiremock&package-manager=cargo&previous-version=0.6.4&new-version=0.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-03 23:18:42 -07:00
"lazy_static",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"num_cpus",
"tokio",
]
[[package]]
name = "deadpool-runtime"
version = "0.1.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "092966b41edc516079bdf31ec78a2e0588d1d0c08f78b91d8307215928642b2b"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
[[package]]
name = "debugid"
version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bef552e6f588e446098f6ba40d89ac146c8c7b64aade83c051ee00bb5d2bc18d"
dependencies = [
"serde",
"uuid",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "debugserver-types"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2bf6834a70ed14e8e4e41882df27190bea150f1f6ecf461f1033f8739cd8af4a"
dependencies = [
"schemafy",
"serde",
"serde_json",
]
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
[[package]]
name = "der"
version = "0.7.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e7c1832837b905bbfb5101e07cc24c8deddf52f93225eee6ead5f4d63d53ddcb"
dependencies = [
"pem-rfc7468",
"zeroize",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "deranged"
chore: extract readiness in a dedicated utils crate (#4140) Create an `utils` directory for the small utils crates
2025-09-24 11:15:54 +01:00
version = "0.5.4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore: extract readiness in a dedicated utils crate (#4140) Create an `utils` directory for the small utils crates
2025-09-24 11:15:54 +01:00
checksum = "a41953f86f8a05768a6cda24def994fd2f424b04ec5c719cf89989779f199071"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"powerfmt",
chore: extract readiness in a dedicated utils crate (#4140) Create an `utils` directory for the small utils crates
2025-09-24 11:15:54 +01:00
"serde_core",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
[[package]]
name = "derivative"
version = "2.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b"
dependencies = [
"proc-macro2",
"quote",
"syn 1.0.109",
]
[[package]]
name = "derive_more"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4a9b99b9cbbe49445b21764dc0625032a89b145a2642e67603e1c936f5458d05"
dependencies = [
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"derive_more-impl 1.0.0",
]
[[package]]
name = "derive_more"
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
version = "2.0.1"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
source = "registry+https://github.com/rust-lang/crates.io-index"
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
checksum = "093242cf7570c207c83073cf82f79706fe7b8317e98620a47d5be7c3d8497678"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
dependencies = [
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
"derive_more-impl 2.0.1",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
[[package]]
name = "derive_more-impl"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cb7330aeadfbe296029522e6c40f315320aba36fc43a5b3632f3795348f3bd22"
dependencies = [
refactor(terminal): cleanup deprecated flush logic (#6373) Removes flush logic that was leftover to test against ratatui's flush Cleaned up the flush logic so it's a bit more intent revealing. DrawCommand now owns the Cells that it draws as this works around a borrow checker problem.
2025-11-07 15:54:07 -08:00
"convert_case 0.6.0",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"unicode-xid",
]
[[package]]
name = "derive_more-impl"
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
version = "2.0.1"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
source = "registry+https://github.com/rust-lang/crates.io-index"
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
checksum = "bda628edc44c4bb645fbe0f758797143e4e07926f7ebf4e9bdfbd3d2ce621df3"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
dependencies = [
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
"convert_case 0.7.1",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"unicode-xid",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "diff"
version = "0.1.13"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "56254986775e3233ffa9c4d7d3faaf6d36a2c09d30b20687e9f88bc8bafc16c8"
[[package]]
name = "difflib"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6184e33543162437515c2e2b48714794e37845ec9851711914eec9d308f6ebe8"
Change the UI of apply patch (#1907) <img width="487" height="108" alt="image" src="https://github.com/user-attachments/assets/3f6ffd56-36f6-40bc-b999-64279705416a" /> --------- Co-authored-by: Gabriel Peal <gpeal@users.noreply.github.com>
2025-08-06 22:25:41 -07:00
[[package]]
name = "diffy"
version = "0.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b545b8c50194bdd008283985ab0b31dba153cfd5b3066a92770634fbc0d7d291"
dependencies = [
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in /codex-rs (#3620) Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = &quot;0.3.20&quot; </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-subscriber&package-manager=cargo&previous-version=0.3.19&new-version=0.3.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:51:33 -07:00
"nu-ansi-term",
Change the UI of apply patch (#1907) <img width="487" height="108" alt="image" src="https://github.com/user-attachments/assets/3f6ffd56-36f6-40bc-b999-64279705416a" /> --------- Co-authored-by: Gabriel Peal <gpeal@users.noreply.github.com>
2025-08-06 22:25:41 -07:00
]
fix: trim MCP tool names to fit into tool name length limit (#1571) Store fully qualified names along with tool entries so we don't have to re-parse them. Fixes: https://github.com/openai/codex/issues/1289
2025-07-17 11:35:38 -07:00
[[package]]
name = "digest"
version = "0.10.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
dependencies = [
"block-buffer",
"crypto-common",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"subtle",
fix: trim MCP tool names to fit into tool name length limit (#1571) Store fully qualified names along with tool entries so we don't have to re-parse them. Fixes: https://github.com/openai/codex/issues/1289
2025-07-17 11:35:38 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "dirs"
version = "6.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c3e8aa94d75141228480295a7d0e7feb620b1a5ad9f12bc40be62411e38cce4e"
dependencies = [
"dirs-sys",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "dirs-next"
version = "2.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b98cf8ebf19c3d1b223e151f99a4f9f0690dca41414773390fc824184ac833e1"
dependencies = [
"cfg-if",
"dirs-sys-next",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "dirs-sys"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e01a3366d27ee9890022452ee61b2b63a67e6f13f58900b651ff5665f0bb1fab"
dependencies = [
"libc",
"option-ext",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"redox_users 0.5.0",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"windows-sys 0.61.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "dirs-sys-next"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4ebda144c4fe02d1f7ea1a7d9641b6fc6b580adcfa024ae48797ecdeb6825b4d"
dependencies = [
"libc",
"redox_users 0.4.6",
"winapi",
]
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
[[package]]
name = "dispatch2"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "89a09f22a6c6069a18470eb92d2298acf25463f14256d24778e1230d789a2aec"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
"objc2",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "display_container"
version = "0.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0a110a75c96bedec8e65823dea00a1d710288b7a369d95fd8a0f5127639466fa"
dependencies = [
"either",
"indenter",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "displaydoc"
version = "0.2.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "97369cbbc041bc366949bc74d34658d6cda5621039731c6310521892a3a20ae0"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "doc-comment"
version = "0.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fea41bba32d969b513997752735605054bc0dfa92b4c56bf1189f2e174be7a10"
feat: support dotenv (including ~/.codex/.env) (#1653) This PR adds a `load_dotenv()` helper function to the `codex-common` crate that is available when the `cli` feature is enabled. The function uses [`dotenvy`](https://crates.io/crates/dotenvy) to update the environment from: - `$CODEX_HOME/.env` - `$(pwd)/.env` To test: - ran `printenv OPENAI_API_KEY` to verify the env var exists in my environment - ran `just codex exec hello` to verify the CLI uses my `OPENAI_API_KEY` - ran `unset OPENAI_API_KEY` - ran `just codex exec hello` again and got **ERROR: Missing environment variable: `OPENAI_API_KEY`**, as expected - created `~/.codex/.env` and added `OPENAI_API_KEY=sk-proj-...` (also ran `chmod 400 ~/.codex/.env` for good measure) - ran `just codex exec hello` again and it worked, verifying it picked up `OPENAI_API_KEY` from `~/.codex/.env` Note this functionality was available in the TypeScript CLI: https://github.com/openai/codex/pull/122 and was recently requested over on https://github.com/openai/codex/issues/1262#issuecomment-3093203551.
2025-07-22 15:54:33 -07:00
[[package]]
name = "dotenvy"
version = "0.15.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1aaf95b3e5c8f23aa320147307562d361db0ae0d51242340f558153b4eb2439b"
feat: StreamableShell with exec_command and write_stdin tools (#2574)
2025-08-22 18:10:55 -07:00
[[package]]
name = "downcast-rs"
version = "1.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "75b325c5dbd37f80359721ad39aca5a29fb04c89279657cffdda8736d0c0b9d2"
feat: add support for CODEX_SECURE_MODE=1 to restrict process observability (#4220) Because the `codex` process could contain sensitive information in memory, such as API keys, we add logic so that when `CODEX_SECURE_MODE=1` is specified, we avail ourselves of whatever the operating system provides to restrict observability/tampering, which includes: - disabling `ptrace(2)`, so it is not possible to attach to the process with a debugger, such as `gdb` - disabling core dumps Admittedly, a user with root privileges can defeat these safeguards. For now, we only add support for this in the `codex` multitool, but we may ultimately want to support this in some of the smaller CLIs that are buildable out of our Cargo workspace.
2025-09-25 10:02:28 -07:00
[[package]]
name = "dtor"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e58a0764cddb55ab28955347b45be00ade43d4d6f3ba4bf3dc354e4ec9432934"
dependencies = [
"dtor-proc-macro",
]
[[package]]
name = "dtor-proc-macro"
version = "0.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f678cf4a922c215c63e0de95eb1ff08a958a81d47e485cf9da1e27bf6305cfa5"
canonicalize display of Agents.md paths on Windows. (#4577) Canonicalize path on Windows to - remove unattractive path prefixes such as `\\?\` - simplify it (`../AGENTS.md` vs `C:\Users\iceweasel\code\coded\Agents.md`) before: <img width="1110" height="45" alt="Screenshot 2025-10-01 123520" src="https://github.com/user-attachments/assets/48920ae6-d89c-41b8-b4ea-df5c18fb5fad" /> after: <img width="585" height="46" alt="Screenshot 2025-10-01 123612" src="https://github.com/user-attachments/assets/70a1761a-9d97-4836-b14c-670b6f13e608" />
2025-10-01 14:33:19 -07:00
[[package]]
name = "dunce"
version = "1.0.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "92773504d58c093f6de2459af4af33faa518c13451eb8f2b5698ed3d36e7c813"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "dupe"
version = "0.9.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6ed2bc011db9c93fbc2b6cdb341a53737a55bafb46dbb74cf6764fc33a2fbf9c"
dependencies = [
"dupe_derive",
]
[[package]]
name = "dupe_derive"
version = "0.9.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "83e195b4945e88836d826124af44fdcb262ec01ef94d44f14f4fb5103f19892a"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
feat: make Codex available as a tool when running it as an MCP server (#811) This PR replaces the placeholder `"echo"` tool call in the MCP server with a `"codex"` tool that calls Codex. Events such as `ExecApprovalRequest` and `ApplyPatchApprovalRequest` are not handled properly yet, but I have `approval_policy = "never"` set in my `~/.codex/config.toml` such that those codepaths are not exercised. The schema for this MPC tool is defined by a new `CodexToolCallParam` struct introduced in this PR. It is fairly similar to `ConfigOverrides`, as the param is used to help create the `Config` used to start the Codex session, though it also includes the `prompt` used to kick off the session. This PR also introduces the use of the third-party `schemars` crate to generate the JSON schema, which is verified in the `verify_codex_tool_json_schema()` unit test. Events that are dispatched during the Codex session are sent back to the MCP client as MCP notifications. This gives the client a way to monitor progress as the tool call itself may take minutes to complete depending on the complexity of the task requested by the user. In the video below, I launched the server via: ```shell mcp-server$ RUST_LOG=debug npx @modelcontextprotocol/inspector cargo run -- ``` In the video, you can see the flow of: * requesting the list of tools * choosing the **codex** tool * entering a value for **prompt** and then making the tool call Note that I left the other fields blank because when unspecified, the values in my `~/.codex/config.toml` were used: https://github.com/user-attachments/assets/1975058c-b004-43ef-8c8d-800a953b8192 Note that while using the inspector, I did run into https://github.com/modelcontextprotocol/inspector/issues/293, though the tip about ensuring I had only one instance of the **MCP Inspector** tab open in my browser seemed to fix things.
2025-05-05 07:16:19 -07:00
[[package]]
name = "dyn-clone"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.0.19"
feat: make Codex available as a tool when running it as an MCP server (#811) This PR replaces the placeholder `"echo"` tool call in the MCP server with a `"codex"` tool that calls Codex. Events such as `ExecApprovalRequest` and `ApplyPatchApprovalRequest` are not handled properly yet, but I have `approval_policy = "never"` set in my `~/.codex/config.toml` such that those codepaths are not exercised. The schema for this MPC tool is defined by a new `CodexToolCallParam` struct introduced in this PR. It is fairly similar to `ConfigOverrides`, as the param is used to help create the `Config` used to start the Codex session, though it also includes the `prompt` used to kick off the session. This PR also introduces the use of the third-party `schemars` crate to generate the JSON schema, which is verified in the `verify_codex_tool_json_schema()` unit test. Events that are dispatched during the Codex session are sent back to the MCP client as MCP notifications. This gives the client a way to monitor progress as the tool call itself may take minutes to complete depending on the complexity of the task requested by the user. In the video below, I launched the server via: ```shell mcp-server$ RUST_LOG=debug npx @modelcontextprotocol/inspector cargo run -- ``` In the video, you can see the flow of: * requesting the list of tools * choosing the **codex** tool * entering a value for **prompt** and then making the tool call Note that I left the other fields blank because when unspecified, the values in my `~/.codex/config.toml` were used: https://github.com/user-attachments/assets/1975058c-b004-43ef-8c8d-800a953b8192 Note that while using the inspector, I did run into https://github.com/modelcontextprotocol/inspector/issues/293, though the tip about ensuring I had only one instance of the **MCP Inspector** tab open in my browser seemed to fix things.
2025-05-05 07:16:19 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "1c7a8fb8a9fbf66c1f703fe16184d10ca0ee9d23be5b4436400408ba54a95005"
feat: make Codex available as a tool when running it as an MCP server (#811) This PR replaces the placeholder `"echo"` tool call in the MCP server with a `"codex"` tool that calls Codex. Events such as `ExecApprovalRequest` and `ApplyPatchApprovalRequest` are not handled properly yet, but I have `approval_policy = "never"` set in my `~/.codex/config.toml` such that those codepaths are not exercised. The schema for this MPC tool is defined by a new `CodexToolCallParam` struct introduced in this PR. It is fairly similar to `ConfigOverrides`, as the param is used to help create the `Config` used to start the Codex session, though it also includes the `prompt` used to kick off the session. This PR also introduces the use of the third-party `schemars` crate to generate the JSON schema, which is verified in the `verify_codex_tool_json_schema()` unit test. Events that are dispatched during the Codex session are sent back to the MCP client as MCP notifications. This gives the client a way to monitor progress as the tool call itself may take minutes to complete depending on the complexity of the task requested by the user. In the video below, I launched the server via: ```shell mcp-server$ RUST_LOG=debug npx @modelcontextprotocol/inspector cargo run -- ``` In the video, you can see the flow of: * requesting the list of tools * choosing the **codex** tool * entering a value for **prompt** and then making the tool call Note that I left the other fields blank because when unspecified, the values in my `~/.codex/config.toml` were used: https://github.com/user-attachments/assets/1975058c-b004-43ef-8c8d-800a953b8192 Note that while using the inspector, I did run into https://github.com/modelcontextprotocol/inspector/issues/293, though the tip about ensuring I had only one instance of the **MCP Inspector** tab open in my browser seemed to fix things.
2025-05-05 07:16:19 -07:00
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "either"
version = "1.15.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "ena"
version = "0.14.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3d248bdd43ce613d87415282f69b9bb99d947d290b10962dd6c56233312c2ad5"
dependencies = [
"log",
]
Add paste summarization to Codex TUI (#1549) ## Summary - introduce `Paste` event to avoid per-character paste handling - collapse large pasted blocks to `[Pasted Content X lines]` - store the real text so submission still includes it - wire paste handling through `App`, `ChatWidget`, `BottomPane`, and `ChatComposer` ## Testing - `cargo test -p codex-tui` ------ https://chatgpt.com/codex/tasks/task_i_6871e24abf80832184d1f3ca0c61a5ee https://github.com/user-attachments/assets/eda7412f-da30-4474-9f7c-96b49d48fbf8
2025-07-12 15:32:00 -07:00
[[package]]
name = "encode_unicode"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34aa73646ffb006b8f5147f3dc182bd4bcb190227ce861fc4a4844bf8e3cb2c0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "encoding_rs"
version = "0.8.35"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "75030f3c4f45dafd7586dd6780965a8c7e8e285a5ecb86713e63a79c5b2766f3"
dependencies = [
"cfg-if",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "endi"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a3d8a32ae18130a3c84dd492d4215c3d913c3b07c6b63c2eb3eb7ff1101ab7bf"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "endian-type"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c34f04666d835ff5d62e058c3995147c06f42fe86ff053337632bca83e42702d"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "enumflags2"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.7.12"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "1027f7680c853e056ebcec683615fb6fbbc07dbaa13b4d5d9442b146ded4ecef"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"enumflags2_derive",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"serde",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "enumflags2_derive"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.7.12"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "67c78a4d8fdf9953a5c9d458f9efe940fd97a0cab0941c075a813ac594733827"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "env-flags"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dbfd0e7fc632dec5e6c9396a27bc9f9975b4e039720e1fd3e34021d3ce28c415"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "env_filter"
version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "186e05a59d4c50738528153b83b0b0194d3a29507dfec16eccd4b342903397d0"
dependencies = [
"log",
"regex",
]
[[package]]
name = "env_logger"
version = "0.11.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "13c863f0904021b108aa8b2f55046443e6b1ebde8fd4a15c399893aae4fa069f"
dependencies = [
"anstream",
"anstyle",
"env_filter",
"jiff",
"log",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "equivalent"
version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "877a4ace8713b0bcf2a4e7eec82529c029f1d0619886d18145fea96c3ffe5c0f"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "erased-serde"
version = "0.3.31"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6c138974f9d5e7fe373eb04df7cae98833802ae4b11c24ac7039a21d5af4b26c"
dependencies = [
"serde",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "errno"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.3.13"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "778e2ac28f6c47af28e4907f13ffd1e1ddbd400980a9abd7c8df189bf578a5ad"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"libc",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"windows-sys 0.60.2",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "error-code"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "3.3.2"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "dea2df4cf52843e0452895c455a1a2cfbb842a1e7329671acf418fdc53ed4c59"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
[[package]]
name = "escargot"
version = "0.5.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "11c3aea32bc97b500c9ca6a72b768a26e558264303d101d3409cf6d57a9ed0cf"
dependencies = [
"log",
"serde",
"serde_json",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "event-listener"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "5.4.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "3492acde4c3fc54c845eaab3eed8bd00c7a7d881f78bfc801e43a93dec1331ae"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"concurrent-queue",
"parking",
"pin-project-lite",
]
[[package]]
name = "event-listener-strategy"
version = "0.5.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8be9f3dfaaffdae2972880079a491a1a8bb7cbed0b8dd7a347f668b4150a3b93"
dependencies = [
"event-listener",
"pin-project-lite",
]
[[package]]
name = "eventsource-stream"
version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "74fef4569247a5f429d9156b9d0a2599914385dd189c539334c625d8099d90ab"
dependencies = [
"futures-core",
"nom",
"pin-project-lite",
]
fix: add integration tests for codex-exec-mcp-server with execpolicy (#7617) This PR introduces integration tests that run [codex-shell-tool-mcp](https://www.npmjs.com/package/@openai/codex-shell-tool-mcp) as a user would. Note that this requires running our fork of Bash, so we introduce a [DotSlash](https://dotslash-cli.com/) file for `bash` so that we can run the integration tests on multiple platforms without having to check the binaries into the repository. (As noted in the DotSlash file, it is slightly more heavyweight than necessary, which may be worth addressing as disk space in CI is limited: https://github.com/openai/codex/pull/7678.) To start, this PR adds two tests: - `list_tools()` makes the `list_tools` request to the MCP server and verifies we get the expected response - `accept_elicitation_for_prompt_rule()` defines a `prefix_rule()` with `decision="prompt"` and verifies the elicitation flow works as expected Though the `accept_elicitation_for_prompt_rule()` test **only works on Linux**, as this PR reveals that there are currently issues when running the Bash fork in a read-only sandbox on Linux. This will have to be fixed in a follow-up PR. Incidentally, getting this test run to correctly on macOS also requires a recent fix we made to `brew` that hasn't hit a mainline release yet, so getting CI green in this PR required https://github.com/openai/codex/pull/7680.
2025-12-06 22:39:38 -08:00
[[package]]
name = "exec_server_test_support"
version = "0.0.0"
dependencies = [
"anyhow",
"assert_cmd",
"codex-core",
"rmcp",
"serde_json",
"tokio",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "eyre"
version = "0.6.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7cd915d99f24784cdc19fd37ef22b97e3ff0ae756c7e492e9fbfe897d61e2aec"
dependencies = [
"indenter",
"once_cell",
]
[[package]]
name = "fastrand"
version = "2.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be"
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
[[package]]
name = "fax"
version = "0.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f05de7d48f37cd6730705cbca900770cab77a89f413d23e100ad7fad7795a0ab"
dependencies = [
"fax_derive",
]
[[package]]
name = "fax_derive"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a0aca10fb742cb43f9e7bb8467c91aa9bcb8e3ffbc6a6f7389bb93ffc920577d"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "fd-lock"
version = "4.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0ce92ff622d6dadf7349484f42c93271a0d49b7cc4d466a936405bacbe10aa78"
dependencies = [
"cfg-if",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"rustix 1.0.8",
feat: add shell snapshot for shell command (#7786)
2025-12-11 13:46:43 +00:00
"windows-sys 0.59.0",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "fdeflate"
version = "0.3.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1e6853b52649d4ac5c0bd02320cddc5ba956bdb407c4b75a2c6b75bf51500f8c"
dependencies = [
"simd-adler32",
]
feat: StreamableShell with exec_command and write_stdin tools (#2574)
2025-08-22 18:10:55 -07:00
[[package]]
name = "filedescriptor"
version = "0.8.3"
Vendor ConPtySystem (#7656) The repo we were depending on is very large and we need very small part of it. --------- Co-authored-by: Pavel <pavel@krymets.com>
2025-12-09 09:23:51 -08:00
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e40758ed24c9b2eeb76c35fb0aebc66c626084edd827e07e1552279814c6682d"
feat: StreamableShell with exec_command and write_stdin tools (#2574)
2025-08-22 18:10:55 -07:00
dependencies = [
"libc",
"thiserror 1.0.69",
"winapi",
]
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
[[package]]
name = "findshlibs"
version = "0.10.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "40b9e59cd0f7e0806cca4be089683ecb6434e602038df21fe6bf6711b2f07f64"
dependencies = [
"cc",
"lazy_static",
"libc",
"winapi",
]
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
[[package]]
name = "fixed_decimal"
version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "35943d22b2f19c0cb198ecf915910a8158e94541c89dcc63300d7799d46c2c5e"
dependencies = [
"displaydoc",
"smallvec",
"writeable",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "fixedbitset"
version = "0.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0ce7134b9999ecaf8bcd65542e436736ef32ddca1b3e06094cb6ec5755203b80"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
[[package]]
name = "flate2"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "1.1.2"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "4a3d7db9596fecd151c5f638c0ee5d5bd487b6e0ea232e5dc96d5250f6f94b1d"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
dependencies = [
"crc32fast",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"miniz_oxide",
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "float-cmp"
version = "0.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b09cf3155332e944990140d967ff5eceb70df778b34f77d8075db46e4704e6d8"
dependencies = [
"num-traits",
]
[[package]]
name = "fnv"
version = "1.0.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
[[package]]
name = "foldhash"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
chore(deps): bump lru from 0.12.5 to 0.16.2 in /codex-rs (#8045) Bumps [lru](https://github.com/jeromefroe/lru-rs) from 0.12.5 to 0.16.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jeromefroe/lru-rs/blob/master/CHANGELOG.md">lru's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.2">v0.16.2</a> - 2025-10-14</h2> <ul> <li>Upgrade hashbrown dependency to 0.16.0.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.1">v0.16.1</a> - 2025-09-08</h2> <ul> <li>Fix <code>Clone</code> for unbounded cache.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.0">v0.16.0</a> - 2025-07-02</h2> <ul> <li>Implement <code>Clone</code> for caches with custom hashers.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.15.0">v0.15.0</a> - 2025-06-26</h2> <ul> <li>Return bool from <code>promote</code> and <code>demote</code> to indicate whether key was found.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.14.0">v0.14.0</a> - 2025-04-12</h2> <ul> <li>Use <code>NonZeroUsize::MAX</code> instead of <code>unwrap()</code>, and update MSRV to 1.70.0.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.13.0">v0.13.0</a> - 2025-01-27</h2> <ul> <li>Add <code>peek_mru</code> and <code>pop_mru</code> methods, upgrade dependency on <code>hashbrown</code> to 0.15.2, and update MSRV to 1.65.0.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jeromefroe/lru-rs/commit/c1f843ded02d718138483df6ed8da4961accc201"><code>c1f843d</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/223">#223</a> from jeromefroe/jerome/prepare-0-16-2-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/fc4f30953e75e4315d9d965a3e4b7f0968788d2a"><code>fc4f309</code></a> Prepare 0.16.2 release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/e91ea2bd85eabfc0769f1117bbba22699e766cb0"><code>e91ea2b</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/222">#222</a> from torokati44/hashbrown-0.16</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/90d05feff3d795016c4f5a2e44215b35ee5816f7"><code>90d05fe</code></a> Update hashbrown to 0.16</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/c699209232539c72035d942888750878e590ab46"><code>c699209</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/220">#220</a> from jeromefroe/jerome/prepare-0-16-1-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/2bd820703080f0ee840dce10e7bd447fa8d2c83d"><code>2bd8207</code></a> Prepare 0.16.1 release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/1b21bf1c5917e172edbfd0f5f87b2f6d94130724"><code>1b21bf1</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/219">#219</a> from wqfish/bk</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/3ec42b6369082c00da2836fe033db20cb52a36fc"><code>3ec42b6</code></a> Fix clone implementation for unbounded cache</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/e2e3e47c33386672fc715deabf3494b071b8d04c"><code>e2e3e47</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/218">#218</a> from jeromefroe/jerome/prepare-0-16-0-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/17fe4f328aa4149814849ede11c283ff7ee27d31"><code>17fe4f3</code></a> Prepare 0.16.0 release</li> <li>Additional commits viewable in <a href="https://github.com/jeromefroe/lru-rs/compare/0.12.5...0.16.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lru&package-manager=cargo&previous-version=0.12.5&new-version=0.16.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:32:15 -08:00
[[package]]
name = "foldhash"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "77ce24cb58228fbb8aa041425bb1050850ac19177686ea6e0f41a70416f56fdb"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "foreign-types"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
dependencies = [
"foreign-types-shared",
]
[[package]]
name = "foreign-types-shared"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
[[package]]
name = "form_urlencoded"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.2.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "e13624c2627564efccf4934284bdd98cbaa14e79b0b5a141218e507b3a823456"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"percent-encoding",
]
test: reduce time dependency on test harness (#5053) Tightened the CLI integration tests to stop relying on wall-clock sleeps—new fs watcher helper waits for session files instead of timing out, and SSE mocks/fixtures make the flows deterministic.
2025-10-15 09:56:59 +01:00
[[package]]
name = "fsevent-sys"
version = "4.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "76ee7a02da4d231650c7cea31349b889be2f45ddb3ef3032d2ec8185f6313fd2"
dependencies = [
"libc",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "futures"
version = "0.3.31"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "65bc07b1a8bc7c85c5f2e110c476c7389b4554ba72af57d8445ea63a576b0876"
dependencies = [
"futures-channel",
"futures-core",
"futures-executor",
"futures-io",
"futures-sink",
"futures-task",
"futures-util",
]
[[package]]
name = "futures-channel"
version = "0.3.31"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2dff15bf788c671c1934e366d07e30c1814a8ef514e1af724a602e8a2fbe1b10"
dependencies = [
"futures-core",
"futures-sink",
]
[[package]]
name = "futures-core"
version = "0.3.31"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "05f29059c0c2090612e8d742178b0580d2dc940c837851ad723096f87af6663e"
[[package]]
name = "futures-executor"
version = "0.3.31"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1e28d1d997f585e54aebc3f97d39e72338912123a67330d723fdbb564d646c9f"
dependencies = [
"futures-core",
"futures-task",
"futures-util",
]
[[package]]
name = "futures-io"
version = "0.3.31"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9e5c1b78ca4aae1ac06c48a526a655760685149f0d465d21f37abfe57ce075c6"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "futures-lite"
version = "2.6.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f78e10609fe0e0b3f4157ffab1876319b5b0db102a2c60dc4626306dc46b44ad"
dependencies = [
"fastrand",
"futures-core",
"futures-io",
"parking",
"pin-project-lite",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "futures-macro"
version = "0.3.31"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "162ee34ebcb7c64a8abebc059ce0fee27c2262618d7b60ed8faf72fef13c3650"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "futures-sink"
version = "0.3.31"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e575fab7d1e0dcb8d0c7bcf9a63ee213816ab51902e6d244a95819acacf1d4f7"
[[package]]
name = "futures-task"
version = "0.3.31"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f90f7dce0722e95104fcb095585910c0977252f286e354b5e3bd38902cd99988"
[[package]]
name = "futures-util"
version = "0.3.31"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9fa08315bb612088cc391249efdc3bc77536f16c91f6cf495e6fbe85b20a4a81"
dependencies = [
"futures-channel",
"futures-core",
"futures-io",
"futures-macro",
"futures-sink",
"futures-task",
"memchr",
"pin-project-lite",
"pin-utils",
"slab",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "fxhash"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c31b6d751ae2c7f11320402d34e41349dd1016f8d5d45e48c4312bc8625af50c"
dependencies = [
"byteorder",
]
fix: trim MCP tool names to fit into tool name length limit (#1571) Store fully qualified names along with tool entries so we don't have to re-parse them. Fixes: https://github.com/openai/codex/issues/1289
2025-07-17 11:35:38 -07:00
[[package]]
name = "generic-array"
version = "0.14.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a"
dependencies = [
"typenum",
"version_check",
]
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
[[package]]
name = "gethostname"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.4.3"
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "0176e0459c2e4a1fe232f984bca6890e681076abb9934f6cea7c326f3fc47818"
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
dependencies = [
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"libc",
"windows-targets 0.48.5",
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
]
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
[[package]]
name = "getopts"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.2.23"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "cba6ae63eb948698e300f645f87c70f76630d505f23b8907cf1e193ee85048c1"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
dependencies = [
Stream model responses (#1810) Stream models thoughts and responses instead of waiting for the whole thing to come through. Very rough right now, but I'm making the risk call to push through.
2025-08-04 21:23:22 -07:00
"unicode-width 0.2.1",
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "getrandom"
version = "0.2.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "335ff9f135e4384c8150d6f27c6daed433577f86b4750418338c01a1a2528592"
dependencies = [
"cfg-if",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"js-sys",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"libc",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"wasi 0.11.1+wasi-snapshot-preview1",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"wasm-bindgen",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "getrandom"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.3.3"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "26145e563e54f2cadc477553f1ec5ee650b00862f0a58bcd12cbdc5f0ea2d2f4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"cfg-if",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"js-sys",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"libc",
"r-efi",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"wasi 0.14.2+wasi-0.2.4",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"wasm-bindgen",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "gimli"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.31.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "07e28edb80900c19c28f1072f2e8aeca7fa06b23cd4169cefe1af5aa3260783f"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
feat: standalone file search CLI (#1386) Standalone fuzzy filename search library that should be helpful in addressing https://github.com/openai/codex/issues/1261.
2025-06-25 13:29:03 -07:00
[[package]]
name = "globset"
version = "0.4.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "54a1028dfc5f5df5da8a56a73e6c153c9a9708ec57232470703592a3f18e49f5"
dependencies = [
"aho-corasick",
"bstr",
"log",
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in /codex-rs (#3620) Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = &quot;0.3.20&quot; </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-subscriber&package-manager=cargo&previous-version=0.3.19&new-version=0.3.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:51:33 -07:00
"regex-automata",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"regex-syntax 0.8.5",
feat: standalone file search CLI (#1386) Standalone fuzzy filename search library that should be helpful in addressing https://github.com/openai/codex/issues/1261.
2025-06-25 13:29:03 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "h2"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.4.11"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "17da50a276f1e01e0ba6c029e47b7100754904ee8a278f886546e98575380785"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"atomic-waker",
"bytes",
"fnv",
"futures-core",
"futures-sink",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
"indexmap 2.12.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"slab",
"tokio",
"tokio-util",
"tracing",
]
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "half"
version = "2.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "459196ed295495a68f7d7fe1d84f6c4b7ff0e21fe3017b2f283c6fac3ad803c9"
dependencies = [
"cfg-if",
"crunchy",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "hashbrown"
version = "0.12.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888"
[[package]]
name = "hashbrown"
version = "0.14.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e5274423e17b7c9fc20b6e7e208532f9b19825d82dfd615708b70edd83df41f1"
dependencies = [
"ahash",
"allocator-api2",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "hashbrown"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.15.4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "5971ac85611da7067dbfcabef3c70ebb5606018acd9e2a3903a0da507521e0d5"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"allocator-api2",
"equivalent",
chore(deps): bump lru from 0.12.5 to 0.16.2 in /codex-rs (#8045) Bumps [lru](https://github.com/jeromefroe/lru-rs) from 0.12.5 to 0.16.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jeromefroe/lru-rs/blob/master/CHANGELOG.md">lru's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.2">v0.16.2</a> - 2025-10-14</h2> <ul> <li>Upgrade hashbrown dependency to 0.16.0.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.1">v0.16.1</a> - 2025-09-08</h2> <ul> <li>Fix <code>Clone</code> for unbounded cache.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.0">v0.16.0</a> - 2025-07-02</h2> <ul> <li>Implement <code>Clone</code> for caches with custom hashers.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.15.0">v0.15.0</a> - 2025-06-26</h2> <ul> <li>Return bool from <code>promote</code> and <code>demote</code> to indicate whether key was found.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.14.0">v0.14.0</a> - 2025-04-12</h2> <ul> <li>Use <code>NonZeroUsize::MAX</code> instead of <code>unwrap()</code>, and update MSRV to 1.70.0.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.13.0">v0.13.0</a> - 2025-01-27</h2> <ul> <li>Add <code>peek_mru</code> and <code>pop_mru</code> methods, upgrade dependency on <code>hashbrown</code> to 0.15.2, and update MSRV to 1.65.0.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jeromefroe/lru-rs/commit/c1f843ded02d718138483df6ed8da4961accc201"><code>c1f843d</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/223">#223</a> from jeromefroe/jerome/prepare-0-16-2-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/fc4f30953e75e4315d9d965a3e4b7f0968788d2a"><code>fc4f309</code></a> Prepare 0.16.2 release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/e91ea2bd85eabfc0769f1117bbba22699e766cb0"><code>e91ea2b</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/222">#222</a> from torokati44/hashbrown-0.16</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/90d05feff3d795016c4f5a2e44215b35ee5816f7"><code>90d05fe</code></a> Update hashbrown to 0.16</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/c699209232539c72035d942888750878e590ab46"><code>c699209</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/220">#220</a> from jeromefroe/jerome/prepare-0-16-1-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/2bd820703080f0ee840dce10e7bd447fa8d2c83d"><code>2bd8207</code></a> Prepare 0.16.1 release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/1b21bf1c5917e172edbfd0f5f87b2f6d94130724"><code>1b21bf1</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/219">#219</a> from wqfish/bk</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/3ec42b6369082c00da2836fe033db20cb52a36fc"><code>3ec42b6</code></a> Fix clone implementation for unbounded cache</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/e2e3e47c33386672fc715deabf3494b071b8d04c"><code>e2e3e47</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/218">#218</a> from jeromefroe/jerome/prepare-0-16-0-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/17fe4f328aa4149814849ede11c283ff7ee27d31"><code>17fe4f3</code></a> Prepare 0.16.0 release</li> <li>Additional commits viewable in <a href="https://github.com/jeromefroe/lru-rs/compare/0.12.5...0.16.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lru&package-manager=cargo&previous-version=0.12.5&new-version=0.16.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:32:15 -08:00
"foldhash 0.1.5",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
[[package]]
name = "hashbrown"
version = "0.16.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5419bdc4f6a9207fbeba6d11b604d481addf78ecd10c11ad51e76c2f6482748d"
chore(deps): bump lru from 0.12.5 to 0.16.2 in /codex-rs (#8045) Bumps [lru](https://github.com/jeromefroe/lru-rs) from 0.12.5 to 0.16.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jeromefroe/lru-rs/blob/master/CHANGELOG.md">lru's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.2">v0.16.2</a> - 2025-10-14</h2> <ul> <li>Upgrade hashbrown dependency to 0.16.0.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.1">v0.16.1</a> - 2025-09-08</h2> <ul> <li>Fix <code>Clone</code> for unbounded cache.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.0">v0.16.0</a> - 2025-07-02</h2> <ul> <li>Implement <code>Clone</code> for caches with custom hashers.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.15.0">v0.15.0</a> - 2025-06-26</h2> <ul> <li>Return bool from <code>promote</code> and <code>demote</code> to indicate whether key was found.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.14.0">v0.14.0</a> - 2025-04-12</h2> <ul> <li>Use <code>NonZeroUsize::MAX</code> instead of <code>unwrap()</code>, and update MSRV to 1.70.0.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.13.0">v0.13.0</a> - 2025-01-27</h2> <ul> <li>Add <code>peek_mru</code> and <code>pop_mru</code> methods, upgrade dependency on <code>hashbrown</code> to 0.15.2, and update MSRV to 1.65.0.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jeromefroe/lru-rs/commit/c1f843ded02d718138483df6ed8da4961accc201"><code>c1f843d</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/223">#223</a> from jeromefroe/jerome/prepare-0-16-2-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/fc4f30953e75e4315d9d965a3e4b7f0968788d2a"><code>fc4f309</code></a> Prepare 0.16.2 release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/e91ea2bd85eabfc0769f1117bbba22699e766cb0"><code>e91ea2b</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/222">#222</a> from torokati44/hashbrown-0.16</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/90d05feff3d795016c4f5a2e44215b35ee5816f7"><code>90d05fe</code></a> Update hashbrown to 0.16</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/c699209232539c72035d942888750878e590ab46"><code>c699209</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/220">#220</a> from jeromefroe/jerome/prepare-0-16-1-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/2bd820703080f0ee840dce10e7bd447fa8d2c83d"><code>2bd8207</code></a> Prepare 0.16.1 release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/1b21bf1c5917e172edbfd0f5f87b2f6d94130724"><code>1b21bf1</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/219">#219</a> from wqfish/bk</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/3ec42b6369082c00da2836fe033db20cb52a36fc"><code>3ec42b6</code></a> Fix clone implementation for unbounded cache</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/e2e3e47c33386672fc715deabf3494b071b8d04c"><code>e2e3e47</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/218">#218</a> from jeromefroe/jerome/prepare-0-16-0-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/17fe4f328aa4149814849ede11c283ff7ee27d31"><code>17fe4f3</code></a> Prepare 0.16.0 release</li> <li>Additional commits viewable in <a href="https://github.com/jeromefroe/lru-rs/compare/0.12.5...0.16.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lru&package-manager=cargo&previous-version=0.12.5&new-version=0.16.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:32:15 -08:00
dependencies = [
"allocator-api2",
"equivalent",
"foldhash 0.2.0",
]
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "heck"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea"
[[package]]
name = "hermit-abi"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.5.2"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "fc0fef456e4baa96da950455cd02c081ca953b141298e41db3fc7e36b1da849c"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "hex"
version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "hkdf"
version = "0.12.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7b5f8eb2ad728638ea2c7d47a21db23b7b58a72ed6a38256b8a1849f15fbbdf7"
dependencies = [
"hmac",
]
[[package]]
name = "hmac"
version = "0.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e"
dependencies = [
"digest",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "home"
version = "0.5.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "589533453244b0995c858700322199b2becb13b627df2851f64a2775d024abcf"
dependencies = [
"windows-sys 0.59.0",
]
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
[[package]]
name = "hostname"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a56f203cd1c76362b69e3863fd987520ac36cf70a8c92627449b2f64a8cf7d65"
dependencies = [
"cfg-if",
"libc",
"windows-link 0.1.3",
]
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
[[package]]
name = "http"
version = "0.2.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "601cbb57e577e2f5ef5be8e7b83f0f63994f25aa94d673e54a92d5c516d101f1"
dependencies = [
"bytes",
"fnv",
"itoa",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "http"
version = "1.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f4a85d31aea989eead29a3aaf9e1115a180df8282431156e533de47660892565"
dependencies = [
"bytes",
"fnv",
"itoa",
]
[[package]]
name = "http-body"
version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1efedce1fb8e6913f23e0c92de8e62cd5b772a67e7b3946df930a62566c93184"
dependencies = [
"bytes",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "http-body-util"
version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b021d93e26becf5dc7e1b75b1bed1fd93124b374ceb73f43d4d4eafec896a64a"
dependencies = [
"bytes",
"futures-core",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"http-body",
"pin-project-lite",
]
[[package]]
name = "httparse"
version = "1.10.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6dbf3de79e51f3d586ab4cb9d5c3e2c14aa28ed23d180cf89b4df0454a69cc87"
[[package]]
name = "httpdate"
version = "1.0.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9"
[[package]]
name = "hyper"
chore(deps): bump wiremock from 0.6.4 to 0.6.5 in /codex-rs (#2666) Bumps [wiremock](https://github.com/LukeMathWalker/wiremock-rs) from 0.6.4 to 0.6.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/6b193047bf2c5626da5dc5f3a23b58ab9bd3f130"><code>6b19304</code></a> chore: Release wiremock version 0.6.5</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/ebaa70b024eb05a46b2192d801e4281ad663488f"><code>ebaa70b</code></a> feat: Make method and MethodExactMatcher case in-sensitive (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/165">#165</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/613b4f91353133bfced5ed973f04b8dd020ef032"><code>613b4f9</code></a> Make <code>BodyPrintLimit</code> public (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/167">#167</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/abfafd2227cb00c42b7b057faed6d2d96c42f9b8"><code>abfafd2</code></a> chore: Upgrade all deps to their latest version (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/170">#170</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/60688cfddebfdeb9d46ebc70079c8f7e4a5e8fcb"><code>60688cf</code></a> ci: Upgrade actions. Upgrade dependencies. (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/169">#169</a>)</li> <li>See full diff in <a href="https://github.com/LukeMathWalker/wiremock-rs/compare/v0.6.4...v0.6.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=wiremock&package-manager=cargo&previous-version=0.6.4&new-version=0.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-03 23:18:42 -07:00
version = "1.7.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump wiremock from 0.6.4 to 0.6.5 in /codex-rs (#2666) Bumps [wiremock](https://github.com/LukeMathWalker/wiremock-rs) from 0.6.4 to 0.6.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/6b193047bf2c5626da5dc5f3a23b58ab9bd3f130"><code>6b19304</code></a> chore: Release wiremock version 0.6.5</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/ebaa70b024eb05a46b2192d801e4281ad663488f"><code>ebaa70b</code></a> feat: Make method and MethodExactMatcher case in-sensitive (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/165">#165</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/613b4f91353133bfced5ed973f04b8dd020ef032"><code>613b4f9</code></a> Make <code>BodyPrintLimit</code> public (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/167">#167</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/abfafd2227cb00c42b7b057faed6d2d96c42f9b8"><code>abfafd2</code></a> chore: Upgrade all deps to their latest version (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/170">#170</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/60688cfddebfdeb9d46ebc70079c8f7e4a5e8fcb"><code>60688cf</code></a> ci: Upgrade actions. Upgrade dependencies. (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/169">#169</a>)</li> <li>See full diff in <a href="https://github.com/LukeMathWalker/wiremock-rs/compare/v0.6.4...v0.6.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=wiremock&package-manager=cargo&previous-version=0.6.4&new-version=0.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-03 23:18:42 -07:00
checksum = "eb3aa54a13a0dfe7fbe3a59e0c76093041720fdc77b110cc0fc260fafb4dc51e"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
chore(deps): bump wiremock from 0.6.4 to 0.6.5 in /codex-rs (#2666) Bumps [wiremock](https://github.com/LukeMathWalker/wiremock-rs) from 0.6.4 to 0.6.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/6b193047bf2c5626da5dc5f3a23b58ab9bd3f130"><code>6b19304</code></a> chore: Release wiremock version 0.6.5</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/ebaa70b024eb05a46b2192d801e4281ad663488f"><code>ebaa70b</code></a> feat: Make method and MethodExactMatcher case in-sensitive (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/165">#165</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/613b4f91353133bfced5ed973f04b8dd020ef032"><code>613b4f9</code></a> Make <code>BodyPrintLimit</code> public (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/167">#167</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/abfafd2227cb00c42b7b057faed6d2d96c42f9b8"><code>abfafd2</code></a> chore: Upgrade all deps to their latest version (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/170">#170</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/60688cfddebfdeb9d46ebc70079c8f7e4a5e8fcb"><code>60688cf</code></a> ci: Upgrade actions. Upgrade dependencies. (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/169">#169</a>)</li> <li>See full diff in <a href="https://github.com/LukeMathWalker/wiremock-rs/compare/v0.6.4...v0.6.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=wiremock&package-manager=cargo&previous-version=0.6.4&new-version=0.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-03 23:18:42 -07:00
"atomic-waker",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"bytes",
"futures-channel",
chore(deps): bump wiremock from 0.6.4 to 0.6.5 in /codex-rs (#2666) Bumps [wiremock](https://github.com/LukeMathWalker/wiremock-rs) from 0.6.4 to 0.6.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/6b193047bf2c5626da5dc5f3a23b58ab9bd3f130"><code>6b19304</code></a> chore: Release wiremock version 0.6.5</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/ebaa70b024eb05a46b2192d801e4281ad663488f"><code>ebaa70b</code></a> feat: Make method and MethodExactMatcher case in-sensitive (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/165">#165</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/613b4f91353133bfced5ed973f04b8dd020ef032"><code>613b4f9</code></a> Make <code>BodyPrintLimit</code> public (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/167">#167</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/abfafd2227cb00c42b7b057faed6d2d96c42f9b8"><code>abfafd2</code></a> chore: Upgrade all deps to their latest version (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/170">#170</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/60688cfddebfdeb9d46ebc70079c8f7e4a5e8fcb"><code>60688cf</code></a> ci: Upgrade actions. Upgrade dependencies. (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/169">#169</a>)</li> <li>See full diff in <a href="https://github.com/LukeMathWalker/wiremock-rs/compare/v0.6.4...v0.6.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=wiremock&package-manager=cargo&previous-version=0.6.4&new-version=0.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-03 23:18:42 -07:00
"futures-core",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"h2",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"http-body",
"httparse",
"httpdate",
"itoa",
"pin-project-lite",
chore(deps): bump wiremock from 0.6.4 to 0.6.5 in /codex-rs (#2666) Bumps [wiremock](https://github.com/LukeMathWalker/wiremock-rs) from 0.6.4 to 0.6.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/6b193047bf2c5626da5dc5f3a23b58ab9bd3f130"><code>6b19304</code></a> chore: Release wiremock version 0.6.5</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/ebaa70b024eb05a46b2192d801e4281ad663488f"><code>ebaa70b</code></a> feat: Make method and MethodExactMatcher case in-sensitive (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/165">#165</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/613b4f91353133bfced5ed973f04b8dd020ef032"><code>613b4f9</code></a> Make <code>BodyPrintLimit</code> public (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/167">#167</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/abfafd2227cb00c42b7b057faed6d2d96c42f9b8"><code>abfafd2</code></a> chore: Upgrade all deps to their latest version (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/170">#170</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/60688cfddebfdeb9d46ebc70079c8f7e4a5e8fcb"><code>60688cf</code></a> ci: Upgrade actions. Upgrade dependencies. (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/169">#169</a>)</li> <li>See full diff in <a href="https://github.com/LukeMathWalker/wiremock-rs/compare/v0.6.4...v0.6.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=wiremock&package-manager=cargo&previous-version=0.6.4&new-version=0.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-03 23:18:42 -07:00
"pin-utils",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"smallvec",
"tokio",
"want",
]
[[package]]
name = "hyper-rustls"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.27.7"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "e3c93eb611681b207e1fe55d5a71ecf91572ec8a6705cdb6857f7d8d5242cf58"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"hyper",
"hyper-util",
"rustls",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"rustls-native-certs",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"rustls-pki-types",
"tokio",
"tokio-rustls",
"tower-service",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"webpki-roots",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
[[package]]
name = "hyper-timeout"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2b90d566bffbce6a75bd8b09a05aa8c2cb1fabb6cb348f8840c9e4c90a0d83b0"
dependencies = [
"hyper",
"hyper-util",
"pin-project-lite",
"tokio",
"tower-service",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "hyper-tls"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "70206fc6890eaca9fde8a0bf71caa2ddfc9fe045ac9e5c70df101a7dbde866e0"
dependencies = [
"bytes",
"http-body-util",
"hyper",
"hyper-util",
"native-tls",
"tokio",
"tokio-native-tls",
"tower-service",
]
[[package]]
name = "hyper-util"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.1.16"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "8d9b05277c7e8da2c93a568989bb6207bef0112e8d17df7a6eda4a3cf143bc5e"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
feat: Run cargo shear during CI (#3338) Run cargo shear as part of the CI to ensure no unused dependencies
2025-09-08 18:05:08 -07:00
"base64",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"bytes",
"futures-channel",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"futures-core",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"futures-util",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"http-body",
"hyper",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"ipnet",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"libc",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"percent-encoding",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"pin-project-lite",
Support SYSTEM skills. (#8220) 1. Remove PUBLIC skills and introduce SYSTEM skills embedded in the binary and installed into $CODEX_HOME/skills/.system at startup. 2. Skills are now always enabled (feature flag removed). 3. Update skills/list to accept forceReload and plumb it through (not used by clients yet).
2025-12-17 18:48:28 -08:00
"socket2 0.6.1",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"system-configuration",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tokio",
"tower-service",
"tracing",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"windows-registry",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "iana-time-zone"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.1.63"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "b0c919e5debc312ad217002b8048a17b7d83f80703865bbfcfebb0458b0b27d8"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"android_system_properties",
"core-foundation-sys",
"iana-time-zone-haiku",
"js-sys",
"log",
"wasm-bindgen",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"windows-core 0.61.2",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "iana-time-zone-haiku"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f31827a206f56af32e590ba56d5d2d085f558508192593743f16b2306495269f"
dependencies = [
"cc",
]
[[package]]
name = "icu_collections"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "2.1.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "4c6b649701667bbe825c3b7e6388cb521c23d88644678e83c0c4d0a621a34b43"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"displaydoc",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"potential_utf",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"yoke",
"zerofrom",
"zerovec",
]
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
[[package]]
name = "icu_decimal"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "2.1.1"
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "a38c52231bc348f9b982c1868a2af3195199623007ba2c7650f432038f5b3e8e"
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
dependencies = [
"fixed_decimal",
"icu_decimal_data",
"icu_locale",
"icu_locale_core",
"icu_provider",
"writeable",
"zerovec",
]
[[package]]
name = "icu_decimal_data"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "2.1.1"
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "2905b4044eab2dd848fe84199f9195567b63ab3a93094711501363f63546fef7"
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
[[package]]
name = "icu_locale"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "2.1.1"
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "532b11722e350ab6bf916ba6eb0efe3ee54b932666afec989465f9243fe6dd60"
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
dependencies = [
"icu_collections",
"icu_locale_core",
"icu_locale_data",
"icu_provider",
"potential_utf",
"tinystr",
"zerovec",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
name = "icu_locale_core"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "2.1.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "edba7861004dd3714265b4db54a3c390e880ab658fec5f7db895fae2046b5bb6"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"displaydoc",
"litemap",
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
"serde",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tinystr",
"writeable",
"zerovec",
]
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
[[package]]
name = "icu_locale_data"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "2.1.1"
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "f03e2fcaefecdf05619f3d6f91740e79ab969b4dd54f77cbf546b1d0d28e3147"
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "icu_normalizer"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "2.1.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "5f6c8828b67bf8908d82127b2054ea1b4427ff0230ee9141c54251934ab1b599"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"icu_collections",
"icu_normalizer_data",
"icu_properties",
"icu_provider",
"smallvec",
"zerovec",
]
[[package]]
name = "icu_normalizer_data"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "2.1.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "7aedcccd01fc5fe81e6b489c15b247b8b0690feb23304303a9e560f37efc560a"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "icu_properties"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "2.1.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "e93fcd3157766c0c8da2f8cff6ce651a31f0810eaa1c51ec363ef790bbb5fb99"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"icu_collections",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"icu_locale_core",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"icu_properties_data",
"icu_provider",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"zerotrie",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"zerovec",
]
[[package]]
name = "icu_properties_data"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "2.1.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "02845b3647bb045f1100ecd6480ff52f34c35f82d9880e029d329c21d1054899"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "icu_provider"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "2.1.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "85962cf0ce02e1e0a629cc34e7ca3e373ce20dda4c4d7294bbd0bf1fdb59e614"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"displaydoc",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"icu_locale_core",
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
"serde",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"stable_deref_trait",
"writeable",
"yoke",
"zerofrom",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"zerotrie",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"zerovec",
]
[[package]]
name = "ident_case"
version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39"
[[package]]
name = "idna"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.0.3"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "686f825264d630750a544639377bae737628043f20d38bbc029e8f29ea968a7e"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"idna_adapter",
"smallvec",
"utf8_iter",
]
[[package]]
name = "idna_adapter"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "1.2.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "3acae9609540aa318d1bc588455225fb2085b9ed0c4f6bd0d9d5bcd86f1a0344"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"icu_normalizer",
"icu_properties",
]
feat: standalone file search CLI (#1386) Standalone fuzzy filename search library that should be helpful in addressing https://github.com/openai/codex/issues/1261.
2025-06-25 13:29:03 -07:00
[[package]]
name = "ignore"
version = "0.4.23"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6d89fd380afde86567dfba715db065673989d6253f42b88179abd3eae47bda4b"
dependencies = [
"crossbeam-deque",
"globset",
"log",
"memchr",
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in /codex-rs (#3620) Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = &quot;0.3.20&quot; </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-subscriber&package-manager=cargo&previous-version=0.3.19&new-version=0.3.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:51:33 -07:00
"regex-automata",
feat: standalone file search CLI (#1386) Standalone fuzzy filename search library that should be helpful in addressing https://github.com/openai/codex/issues/1261.
2025-06-25 13:29:03 -07:00
"same-file",
"walkdir",
"winapi-util",
]
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "image"
chore(deps): bump image from 0.25.8 to 0.25.9 in /codex-rs (#7421) Bumps [image](https://github.com/image-rs/image) from 0.25.8 to 0.25.9. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/main/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.9</h3> <p>Features:</p> <ul> <li>Support extracting XMP metadata from PNG, JPEG, GIF, WebP and TIFF files (<a href="https://redirect.github.com/image-rs/image/issues/2567">#2567</a>, <a href="https://redirect.github.com/image-rs/image/issues/2634">#2634</a>, <a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a>)</li> <li>Support reading IPTC metadata from PNG and JPG files (<a href="https://redirect.github.com/image-rs/image/issues/2611">#2611</a>)</li> <li>Support reading ICC profile from GIF files (<a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a>)</li> <li>Allow setting a specific DEFLATE compression level when writing PNG (<a href="https://redirect.github.com/image-rs/image/issues/2583">#2583</a>)</li> <li>Initial support for 16-bit CMYK TIFF files (<a href="https://redirect.github.com/image-rs/image/issues/2588">#2588</a>)</li> <li>Allow extracting the alpha channel of a <code>Pixel</code> in a generic way (<a href="https://redirect.github.com/image-rs/image/issues/2638">#2638</a>)</li> </ul> <p>Structural changes:</p> <ul> <li>EXR format decoding now only uses multi-threading via Rayon when the <code>rayon</code> feature is enabled (<a href="https://redirect.github.com/image-rs/image/issues/2643">#2643</a>)</li> <li>Upgraded zune-jpeg to 0.5.x, ravif to 0.12.x, gif to 0.14.x</li> <li>pnm: parse integers in PBM/PGM/PPM headers without allocations (<a href="https://redirect.github.com/image-rs/image/issues/2620">#2620</a>)</li> <li>Replace <code>doc_auto_cfg</code> with <code>doc_cfg</code> (<a href="https://redirect.github.com/image-rs/image/issues/2637">#2637</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Do not encode empty JPEG images (<a href="https://redirect.github.com/image-rs/image/issues/2624">#2624</a>)</li> <li>tga: reject empty images (<a href="https://redirect.github.com/image-rs/image/issues/2614">#2614</a>)</li> <li>tga: fix orientation flip for color mapped images (<a href="https://redirect.github.com/image-rs/image/issues/2607">#2607</a>)</li> <li>tga: adjust colormap lookup to match tga 2.0 spec (<a href="https://redirect.github.com/image-rs/image/issues/2608">#2608</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/5ceb6af6c2b6671931a02fda955ce1676321711d"><code>5ceb6af</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2640">#2640</a> from Shnatsel/release-v0.25.9</li> <li><a href="https://github.com/image-rs/image/commit/282d7b345c9899daabee56204985336d77dc88a7"><code>282d7b3</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2646">#2646</a> from oligamiq/main</li> <li><a href="https://github.com/image-rs/image/commit/5412aeee5a2561b5e5e04f71c58aa122eb91e0c8"><code>5412aee</code></a> Amend the note in accordance with the advice of 197g.</li> <li><a href="https://github.com/image-rs/image/commit/4e8a4ed2e8294b1a78db9713bffcc8b3faa19aed"><code>4e8a4ed</code></a> Clarify default features in README and add usage note</li> <li><a href="https://github.com/image-rs/image/commit/ca8fa528ff00e9320e94ccf94fea1d236f9c1553"><code>ca8fa52</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a> from image-rs/gif-0.14</li> <li><a href="https://github.com/image-rs/image/commit/d9bc8fe7909d50b2cfc624f27094f80b0f2e8740"><code>d9bc8fe</code></a> mention GIF 0.14 changes</li> <li><a href="https://github.com/image-rs/image/commit/053220a0b1a465cec46e4104c5d4b007a676f361"><code>053220a</code></a> Provide gif's XMP and ICC metadata</li> <li><a href="https://github.com/image-rs/image/commit/2ec20b3b3b2ba985da955ff34baab87b0d7df490"><code>2ec20b3</code></a> Prepare codec with gif@0.14</li> <li><a href="https://github.com/image-rs/image/commit/31939facce719c4b56391573c24911704c3f8649"><code>31939fa</code></a> Mention EXR rayon change</li> <li><a href="https://github.com/image-rs/image/commit/c7f68be265bd1b000712255d14ba548f2709ecf8"><code>c7f68be</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2643">#2643</a> from Shnatsel/really-optional-rayon</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.8...v0.25.9">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.8&new-version=0.25.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-30 20:50:51 -08:00
version = "0.25.9"
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump image from 0.25.8 to 0.25.9 in /codex-rs (#7421) Bumps [image](https://github.com/image-rs/image) from 0.25.8 to 0.25.9. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/main/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.9</h3> <p>Features:</p> <ul> <li>Support extracting XMP metadata from PNG, JPEG, GIF, WebP and TIFF files (<a href="https://redirect.github.com/image-rs/image/issues/2567">#2567</a>, <a href="https://redirect.github.com/image-rs/image/issues/2634">#2634</a>, <a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a>)</li> <li>Support reading IPTC metadata from PNG and JPG files (<a href="https://redirect.github.com/image-rs/image/issues/2611">#2611</a>)</li> <li>Support reading ICC profile from GIF files (<a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a>)</li> <li>Allow setting a specific DEFLATE compression level when writing PNG (<a href="https://redirect.github.com/image-rs/image/issues/2583">#2583</a>)</li> <li>Initial support for 16-bit CMYK TIFF files (<a href="https://redirect.github.com/image-rs/image/issues/2588">#2588</a>)</li> <li>Allow extracting the alpha channel of a <code>Pixel</code> in a generic way (<a href="https://redirect.github.com/image-rs/image/issues/2638">#2638</a>)</li> </ul> <p>Structural changes:</p> <ul> <li>EXR format decoding now only uses multi-threading via Rayon when the <code>rayon</code> feature is enabled (<a href="https://redirect.github.com/image-rs/image/issues/2643">#2643</a>)</li> <li>Upgraded zune-jpeg to 0.5.x, ravif to 0.12.x, gif to 0.14.x</li> <li>pnm: parse integers in PBM/PGM/PPM headers without allocations (<a href="https://redirect.github.com/image-rs/image/issues/2620">#2620</a>)</li> <li>Replace <code>doc_auto_cfg</code> with <code>doc_cfg</code> (<a href="https://redirect.github.com/image-rs/image/issues/2637">#2637</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Do not encode empty JPEG images (<a href="https://redirect.github.com/image-rs/image/issues/2624">#2624</a>)</li> <li>tga: reject empty images (<a href="https://redirect.github.com/image-rs/image/issues/2614">#2614</a>)</li> <li>tga: fix orientation flip for color mapped images (<a href="https://redirect.github.com/image-rs/image/issues/2607">#2607</a>)</li> <li>tga: adjust colormap lookup to match tga 2.0 spec (<a href="https://redirect.github.com/image-rs/image/issues/2608">#2608</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/5ceb6af6c2b6671931a02fda955ce1676321711d"><code>5ceb6af</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2640">#2640</a> from Shnatsel/release-v0.25.9</li> <li><a href="https://github.com/image-rs/image/commit/282d7b345c9899daabee56204985336d77dc88a7"><code>282d7b3</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2646">#2646</a> from oligamiq/main</li> <li><a href="https://github.com/image-rs/image/commit/5412aeee5a2561b5e5e04f71c58aa122eb91e0c8"><code>5412aee</code></a> Amend the note in accordance with the advice of 197g.</li> <li><a href="https://github.com/image-rs/image/commit/4e8a4ed2e8294b1a78db9713bffcc8b3faa19aed"><code>4e8a4ed</code></a> Clarify default features in README and add usage note</li> <li><a href="https://github.com/image-rs/image/commit/ca8fa528ff00e9320e94ccf94fea1d236f9c1553"><code>ca8fa52</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a> from image-rs/gif-0.14</li> <li><a href="https://github.com/image-rs/image/commit/d9bc8fe7909d50b2cfc624f27094f80b0f2e8740"><code>d9bc8fe</code></a> mention GIF 0.14 changes</li> <li><a href="https://github.com/image-rs/image/commit/053220a0b1a465cec46e4104c5d4b007a676f361"><code>053220a</code></a> Provide gif's XMP and ICC metadata</li> <li><a href="https://github.com/image-rs/image/commit/2ec20b3b3b2ba985da955ff34baab87b0d7df490"><code>2ec20b3</code></a> Prepare codec with gif@0.14</li> <li><a href="https://github.com/image-rs/image/commit/31939facce719c4b56391573c24911704c3f8649"><code>31939fa</code></a> Mention EXR rayon change</li> <li><a href="https://github.com/image-rs/image/commit/c7f68be265bd1b000712255d14ba548f2709ecf8"><code>c7f68be</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2643">#2643</a> from Shnatsel/really-optional-rayon</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.8...v0.25.9">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.8&new-version=0.25.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-30 20:50:51 -08:00
checksum = "e6506c6c10786659413faa717ceebcb8f70731c0a60cbae39795fdf114519c1a"
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
dependencies = [
"bytemuck",
"byteorder-lite",
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
"moxcms",
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
"num-traits",
"png",
"tiff",
chore(deps): bump image from 0.25.8 to 0.25.9 in /codex-rs (#7421) Bumps [image](https://github.com/image-rs/image) from 0.25.8 to 0.25.9. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/main/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.9</h3> <p>Features:</p> <ul> <li>Support extracting XMP metadata from PNG, JPEG, GIF, WebP and TIFF files (<a href="https://redirect.github.com/image-rs/image/issues/2567">#2567</a>, <a href="https://redirect.github.com/image-rs/image/issues/2634">#2634</a>, <a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a>)</li> <li>Support reading IPTC metadata from PNG and JPG files (<a href="https://redirect.github.com/image-rs/image/issues/2611">#2611</a>)</li> <li>Support reading ICC profile from GIF files (<a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a>)</li> <li>Allow setting a specific DEFLATE compression level when writing PNG (<a href="https://redirect.github.com/image-rs/image/issues/2583">#2583</a>)</li> <li>Initial support for 16-bit CMYK TIFF files (<a href="https://redirect.github.com/image-rs/image/issues/2588">#2588</a>)</li> <li>Allow extracting the alpha channel of a <code>Pixel</code> in a generic way (<a href="https://redirect.github.com/image-rs/image/issues/2638">#2638</a>)</li> </ul> <p>Structural changes:</p> <ul> <li>EXR format decoding now only uses multi-threading via Rayon when the <code>rayon</code> feature is enabled (<a href="https://redirect.github.com/image-rs/image/issues/2643">#2643</a>)</li> <li>Upgraded zune-jpeg to 0.5.x, ravif to 0.12.x, gif to 0.14.x</li> <li>pnm: parse integers in PBM/PGM/PPM headers without allocations (<a href="https://redirect.github.com/image-rs/image/issues/2620">#2620</a>)</li> <li>Replace <code>doc_auto_cfg</code> with <code>doc_cfg</code> (<a href="https://redirect.github.com/image-rs/image/issues/2637">#2637</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Do not encode empty JPEG images (<a href="https://redirect.github.com/image-rs/image/issues/2624">#2624</a>)</li> <li>tga: reject empty images (<a href="https://redirect.github.com/image-rs/image/issues/2614">#2614</a>)</li> <li>tga: fix orientation flip for color mapped images (<a href="https://redirect.github.com/image-rs/image/issues/2607">#2607</a>)</li> <li>tga: adjust colormap lookup to match tga 2.0 spec (<a href="https://redirect.github.com/image-rs/image/issues/2608">#2608</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/5ceb6af6c2b6671931a02fda955ce1676321711d"><code>5ceb6af</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2640">#2640</a> from Shnatsel/release-v0.25.9</li> <li><a href="https://github.com/image-rs/image/commit/282d7b345c9899daabee56204985336d77dc88a7"><code>282d7b3</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2646">#2646</a> from oligamiq/main</li> <li><a href="https://github.com/image-rs/image/commit/5412aeee5a2561b5e5e04f71c58aa122eb91e0c8"><code>5412aee</code></a> Amend the note in accordance with the advice of 197g.</li> <li><a href="https://github.com/image-rs/image/commit/4e8a4ed2e8294b1a78db9713bffcc8b3faa19aed"><code>4e8a4ed</code></a> Clarify default features in README and add usage note</li> <li><a href="https://github.com/image-rs/image/commit/ca8fa528ff00e9320e94ccf94fea1d236f9c1553"><code>ca8fa52</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a> from image-rs/gif-0.14</li> <li><a href="https://github.com/image-rs/image/commit/d9bc8fe7909d50b2cfc624f27094f80b0f2e8740"><code>d9bc8fe</code></a> mention GIF 0.14 changes</li> <li><a href="https://github.com/image-rs/image/commit/053220a0b1a465cec46e4104c5d4b007a676f361"><code>053220a</code></a> Provide gif's XMP and ICC metadata</li> <li><a href="https://github.com/image-rs/image/commit/2ec20b3b3b2ba985da955ff34baab87b0d7df490"><code>2ec20b3</code></a> Prepare codec with gif@0.14</li> <li><a href="https://github.com/image-rs/image/commit/31939facce719c4b56391573c24911704c3f8649"><code>31939fa</code></a> Mention EXR rayon change</li> <li><a href="https://github.com/image-rs/image/commit/c7f68be265bd1b000712255d14ba548f2709ecf8"><code>c7f68be</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2643">#2643</a> from Shnatsel/really-optional-rayon</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.8...v0.25.9">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.8&new-version=0.25.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-30 20:50:51 -08:00
"zune-core 0.5.0",
"zune-jpeg 0.5.5",
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
]
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
[[package]]
name = "impl-more"
version = "0.1.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e8a5a9a0ff0086c7a148acb942baaabeadf9504d10400b5a05645853729b9cd2"
Support SYSTEM skills. (#8220) 1. Remove PUBLIC skills and introduce SYSTEM skills embedded in the binary and installed into $CODEX_HOME/skills/.system at startup. 2. Skills are now always enabled (feature flag removed). 3. Update skills/list to accept forceReload and plumb it through (not used by clients yet).
2025-12-17 18:48:28 -08:00
[[package]]
name = "include_dir"
version = "0.7.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "923d117408f1e49d914f1a379a309cffe4f18c05cf4e3d12e613a15fc81bd0dd"
dependencies = [
"include_dir_macros",
]
[[package]]
name = "include_dir_macros"
version = "0.7.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7cab85a7ed0bd5f0e76d93846e0147172bed2e2d3f859bcc33a8d9699cad1a75"
dependencies = [
"proc-macro2",
"quote",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "indenter"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.3.3"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "ce23b50ad8242c51a442f3ff322d56b02f08852c77e4c0b4d3fd684abc89c683"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "indexmap"
version = "1.9.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99"
dependencies = [
"autocfg",
"hashbrown 0.12.3",
"serde",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "indexmap"
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
version = "2.12.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
checksum = "6717a8d2a5a929a1a2eb43a12812498ed141a0bcfb7e8f7844fbdbe4303bba9f"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"equivalent",
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
"hashbrown 0.16.0",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"serde",
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
"serde_core",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "indoc"
version = "2.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f4c7245a08504955605670dbf141fceab975f15ca21570696aebe9d2e71576bd"
test: reduce time dependency on test harness (#5053) Tightened the CLI integration tests to stop relying on wall-clock sleeps—new fs watcher helper waits for session files instead of timing out, and SSE mocks/fixtures make the flows deterministic.
2025-10-15 09:56:59 +01:00
[[package]]
name = "inotify"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f37dccff2791ab604f9babef0ba14fbe0be30bd368dc541e2b08d07c8aa908f3"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
test: reduce time dependency on test harness (#5053) Tightened the CLI integration tests to stop relying on wall-clock sleeps—new fs watcher helper waits for session files instead of timing out, and SSE mocks/fixtures make the flows deterministic.
2025-10-15 09:56:59 +01:00
"inotify-sys",
"libc",
]
[[package]]
name = "inotify-sys"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e05c02b5e89bff3b946cedeca278abc628fe811e604f027c45a8aa3cf793d0eb"
dependencies = [
"libc",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "inout"
version = "0.1.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "879f10e63c20629ecabbb64a8010319738c66a5cd0c29b02d63d272b03751d01"
dependencies = [
"block-padding",
"generic-array",
]
Add paste summarization to Codex TUI (#1549) ## Summary - introduce `Paste` event to avoid per-character paste handling - collapse large pasted blocks to `[Pasted Content X lines]` - store the real text so submission still includes it - wire paste handling through `App`, `ChatWidget`, `BottomPane`, and `ChatComposer` ## Testing - `cargo test -p codex-tui` ------ https://chatgpt.com/codex/tasks/task_i_6871e24abf80832184d1f3ca0c61a5ee https://github.com/user-attachments/assets/eda7412f-da30-4474-9f7c-96b49d48fbf8
2025-07-12 15:32:00 -07:00
[[package]]
name = "insta"
chore(deps): bump insta from 1.43.2 to 1.44.3 in /codex-rs (#7715) Bumps [insta](https://github.com/mitsuhiko/insta) from 1.43.2 to 1.44.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mitsuhiko/insta/releases">insta's releases</a>.</em></p> <blockquote> <h2>1.44.3</h2> <h2>Release Notes</h2> <ul> <li>Fix a regression in 1.44.2 where merge conflict detection was too aggressive, incorrectly flagging snapshot content containing <code>======</code> or similar patterns as conflicts. <a href="https://redirect.github.com/mitsuhiko/insta/issues/832">#832</a></li> <li>Fix a regression in 1.42.2 where inline snapshot updates would corrupt the file when code preceded the macro (e.g., <code>let output = assert_snapshot!(...)</code>). <a href="https://redirect.github.com/mitsuhiko/insta/issues/833">#833</a></li> </ul> <h2>Install cargo-insta 1.44.3</h2> <h3>Install prebuilt binaries via shell script</h3> <pre lang="sh"><code>curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-installer.sh | sh </code></pre> <h3>Install prebuilt binaries via powershell script</h3> <pre lang="sh"><code>powershell -ExecutionPolicy Bypass -c &quot;irm https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-installer.ps1 | iex&quot; </code></pre> <h2>Download cargo-insta 1.44.3</h2> <table> <thead> <tr> <th>File</th> <th>Platform</th> <th>Checksum</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-aarch64-apple-darwin.tar.xz">cargo-insta-aarch64-apple-darwin.tar.xz</a></td> <td>Apple Silicon macOS</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-aarch64-apple-darwin.tar.xz.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-apple-darwin.tar.xz">cargo-insta-x86_64-apple-darwin.tar.xz</a></td> <td>Intel macOS</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-apple-darwin.tar.xz.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-pc-windows-msvc.zip">cargo-insta-x86_64-pc-windows-msvc.zip</a></td> <td>x64 Windows</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-pc-windows-msvc.zip.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-unknown-linux-gnu.tar.xz">cargo-insta-x86_64-unknown-linux-gnu.tar.xz</a></td> <td>x64 Linux</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-unknown-linux-gnu.tar.xz.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-unknown-linux-musl.tar.xz">cargo-insta-x86_64-unknown-linux-musl.tar.xz</a></td> <td>x64 MUSL Linux</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-unknown-linux-musl.tar.xz.sha256">checksum</a></td> </tr> </tbody> </table> <h2>1.44.2</h2> <h2>Release Notes</h2> <ul> <li>Fix a rare backward compatibility issue where inline snapshots using an uncommon legacy format (single-line content stored in multiline raw strings) could fail to match after 1.44.0. <a href="https://redirect.github.com/mitsuhiko/insta/issues/830">#830</a></li> <li>Handle merge conflicts in snapshot files gracefully. When a snapshot file contains git merge conflict markers, insta now detects them and treats the snapshot as missing, allowing tests to continue and create a new pending snapshot for review. <a href="https://redirect.github.com/mitsuhiko/insta/issues/829">#829</a></li> <li>Skip nextest_doctest tests when cargo-nextest is not installed. <a href="https://redirect.github.com/mitsuhiko/insta/issues/826">#826</a></li> <li>Fix functional tests failing under nextest due to inherited <code>NEXTEST_RUN_ID</code> environment variable. <a href="https://redirect.github.com/mitsuhiko/insta/issues/824">#824</a></li> </ul> <h2>Install cargo-insta 1.44.2</h2> <h3>Install prebuilt binaries via shell script</h3> <pre lang="sh"><code>curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.44.2/cargo-insta-installer.sh | sh </code></pre> <h3>Install prebuilt binaries via powershell script</h3> <pre lang="sh"><code>powershell -ExecutionPolicy Bypass -c &quot;irm https://github.com/mitsuhiko/insta/releases/download/1.44.2/cargo-insta-installer.ps1 | iex&quot; &lt;/tr&gt;&lt;/table&gt; </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mitsuhiko/insta/blob/master/CHANGELOG.md">insta's changelog</a>.</em></p> <blockquote> <h2>1.44.3</h2> <ul> <li>Fix a regression in 1.44.2 where merge conflict detection was too aggressive, incorrectly flagging snapshot content containing <code>======</code> or similar patterns as conflicts. <a href="https://redirect.github.com/mitsuhiko/insta/issues/832">#832</a></li> <li>Fix a regression in 1.42.2 where inline snapshot updates would corrupt the file when code preceded the macro (e.g., <code>let output = assert_snapshot!(...)</code>). <a href="https://redirect.github.com/mitsuhiko/insta/issues/833">#833</a></li> </ul> <h2>1.44.2</h2> <ul> <li>Fix a rare backward compatibility issue where inline snapshots using an uncommon legacy format (single-line content stored in multiline raw strings) could fail to match after 1.44.0. <a href="https://redirect.github.com/mitsuhiko/insta/issues/830">#830</a></li> <li>Handle merge conflicts in snapshot files gracefully. When a snapshot file contains git merge conflict markers, insta now detects them and treats the snapshot as missing, allowing tests to continue and create a new pending snapshot for review. <a href="https://redirect.github.com/mitsuhiko/insta/issues/829">#829</a></li> <li>Skip nextest_doctest tests when cargo-nextest is not installed. <a href="https://redirect.github.com/mitsuhiko/insta/issues/826">#826</a></li> <li>Fix functional tests failing under nextest due to inherited <code>NEXTEST_RUN_ID</code> environment variable. <a href="https://redirect.github.com/mitsuhiko/insta/issues/824">#824</a></li> </ul> <h2>1.44.1</h2> <ul> <li>Add <code>--dnd</code> alias for <code>--disable-nextest-doctest</code> flag to make it easier to silence the deprecation warning. <a href="https://redirect.github.com/mitsuhiko/insta/issues/822">#822</a></li> <li>Update cargo-dist to 0.30.2 and fix Windows runner to use windows-2022. <a href="https://redirect.github.com/mitsuhiko/insta/issues/821">#821</a></li> </ul> <h2>1.44.0</h2> <ul> <li>Added non-interactive snapshot review and reject modes for use in non-TTY environments (LLMs, CI pipelines, scripts). <code>cargo insta review --snapshot &lt;path&gt;</code> and <code>cargo insta reject --snapshot &lt;path&gt;</code> now work without a terminal. Enhanced <code>pending-snapshots</code> output with usage instructions and workspace-relative paths. <a href="https://redirect.github.com/mitsuhiko/insta/issues/815">#815</a></li> <li>Add <code>--disable-nextest-doctest</code> flag to <code>cargo insta test</code> to disable running doctests with nextest. Shows a deprecation warning when nextest is used with doctests without this flag, to prepare <code>cargo insta</code> to no longer run a separate doctest process when using nextest in the future. <a href="https://redirect.github.com/mitsuhiko/insta/issues/803">#803</a></li> <li>Add ergonomic <code>--test-runner-fallback</code> / <code>--no-test-runner-fallback</code> flags to <code>cargo insta test</code>. <a href="https://redirect.github.com/mitsuhiko/insta/issues/811">#811</a></li> <li>Apply redactions to snapshot metadata. <a href="https://redirect.github.com/mitsuhiko/insta/issues/813">#813</a></li> <li>Remove confusing 'previously unseen snapshot' message. <a href="https://redirect.github.com/mitsuhiko/insta/issues/812">#812</a></li> <li>Speed up JSON float rendering. <a href="https://redirect.github.com/mitsuhiko/insta/issues/806">#806</a> (<a href="https://github.com/nyurik"><code>@​nyurik</code></a>)</li> <li>Allow globset version up to 0.4.16. <a href="https://redirect.github.com/mitsuhiko/insta/issues/810">#810</a> (<a href="https://github.com/g0hl1n"><code>@​g0hl1n</code></a>)</li> <li>Improve documentation. <a href="https://redirect.github.com/mitsuhiko/insta/issues/814">#814</a> (<a href="https://github.com/tshepang"><code>@​tshepang</code></a>)</li> <li>We no longer trim starting newlines during assertions, which allows asserting the number of leading newlines match. Existing assertions with different leading newlines will pass and print a warning suggesting running with <code>--force-update-snapshots</code>. They may fail in the future. (Note that we still currently allow differing <em>trailing</em> newlines, though may adjust this in the future). <a href="https://redirect.github.com/mitsuhiko/insta/issues/563">#563</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mitsuhiko/insta/commit/dcbb11fdc1ceb99a8cf45a1dae1f5c1f0aade75f"><code>dcbb11f</code></a> Prepare release 1.44.3 (<a href="https://redirect.github.com/mitsuhiko/insta/issues/838">#838</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/3b9ec12268b1832a12c8b38f4e172eda5d198ac6"><code>3b9ec12</code></a> Refine test name &amp; description (<a href="https://redirect.github.com/mitsuhiko/insta/issues/837">#837</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/ee4e1ea39cdd2709485a07de52a8cb46c48ad0ab"><code>ee4e1ea</code></a> Handle unparsable snapshot files gracefully (<a href="https://redirect.github.com/mitsuhiko/insta/issues/836">#836</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/778f7336b416b224f89bb855d5bfaa4819bd2465"><code>778f733</code></a> Fix for code before macros, such as <code>let foo = assert_snapshot!</code> (<a href="https://redirect.github.com/mitsuhiko/insta/issues/835">#835</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/6cb41aff12a732cbe45204d3137fddfc2afe0ce3"><code>6cb41af</code></a> Prepare release 1.44.2 (<a href="https://redirect.github.com/mitsuhiko/insta/issues/831">#831</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/8838b2fe449800a830e356e173a70e1880e22809"><code>8838b2f</code></a> Handle merge conflicts in snapshot files gracefully (<a href="https://redirect.github.com/mitsuhiko/insta/issues/829">#829</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/e55ce9946d9921ccb93114e81c77d2eb9a8850bf"><code>e55ce99</code></a> Fix backward compatibility for legacy inline snapshot format (<a href="https://redirect.github.com/mitsuhiko/insta/issues/830">#830</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/d44dd422b1f632532304c66ba1815c83f11a31d0"><code>d44dd42</code></a> Skip nextest_doctest tests when cargo-nextest is not installed (<a href="https://redirect.github.com/mitsuhiko/insta/issues/826">#826</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/a711bafd633f126cf366f6be0adc43f775ac8b49"><code>a711baf</code></a> Fix functional tests failing under nextest (<a href="https://redirect.github.com/mitsuhiko/insta/issues/824">#824</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/ba9ea5148c248a875d3a410bd2c7f746f65a3ca7"><code>ba9ea51</code></a> Prepare release 1.44.1 (<a href="https://redirect.github.com/mitsuhiko/insta/issues/823">#823</a>)</li> <li>Additional commits viewable in <a href="https://github.com/mitsuhiko/insta/compare/1.43.2...1.44.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=insta&package-manager=cargo&previous-version=1.43.2&new-version=1.44.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-08 08:59:19 -08:00
version = "1.44.3"
Add paste summarization to Codex TUI (#1549) ## Summary - introduce `Paste` event to avoid per-character paste handling - collapse large pasted blocks to `[Pasted Content X lines]` - store the real text so submission still includes it - wire paste handling through `App`, `ChatWidget`, `BottomPane`, and `ChatComposer` ## Testing - `cargo test -p codex-tui` ------ https://chatgpt.com/codex/tasks/task_i_6871e24abf80832184d1f3ca0c61a5ee https://github.com/user-attachments/assets/eda7412f-da30-4474-9f7c-96b49d48fbf8
2025-07-12 15:32:00 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump insta from 1.43.2 to 1.44.3 in /codex-rs (#7715) Bumps [insta](https://github.com/mitsuhiko/insta) from 1.43.2 to 1.44.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/mitsuhiko/insta/releases">insta's releases</a>.</em></p> <blockquote> <h2>1.44.3</h2> <h2>Release Notes</h2> <ul> <li>Fix a regression in 1.44.2 where merge conflict detection was too aggressive, incorrectly flagging snapshot content containing <code>======</code> or similar patterns as conflicts. <a href="https://redirect.github.com/mitsuhiko/insta/issues/832">#832</a></li> <li>Fix a regression in 1.42.2 where inline snapshot updates would corrupt the file when code preceded the macro (e.g., <code>let output = assert_snapshot!(...)</code>). <a href="https://redirect.github.com/mitsuhiko/insta/issues/833">#833</a></li> </ul> <h2>Install cargo-insta 1.44.3</h2> <h3>Install prebuilt binaries via shell script</h3> <pre lang="sh"><code>curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-installer.sh | sh </code></pre> <h3>Install prebuilt binaries via powershell script</h3> <pre lang="sh"><code>powershell -ExecutionPolicy Bypass -c &quot;irm https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-installer.ps1 | iex&quot; </code></pre> <h2>Download cargo-insta 1.44.3</h2> <table> <thead> <tr> <th>File</th> <th>Platform</th> <th>Checksum</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-aarch64-apple-darwin.tar.xz">cargo-insta-aarch64-apple-darwin.tar.xz</a></td> <td>Apple Silicon macOS</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-aarch64-apple-darwin.tar.xz.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-apple-darwin.tar.xz">cargo-insta-x86_64-apple-darwin.tar.xz</a></td> <td>Intel macOS</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-apple-darwin.tar.xz.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-pc-windows-msvc.zip">cargo-insta-x86_64-pc-windows-msvc.zip</a></td> <td>x64 Windows</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-pc-windows-msvc.zip.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-unknown-linux-gnu.tar.xz">cargo-insta-x86_64-unknown-linux-gnu.tar.xz</a></td> <td>x64 Linux</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-unknown-linux-gnu.tar.xz.sha256">checksum</a></td> </tr> <tr> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-unknown-linux-musl.tar.xz">cargo-insta-x86_64-unknown-linux-musl.tar.xz</a></td> <td>x64 MUSL Linux</td> <td><a href="https://github.com/mitsuhiko/insta/releases/download/1.44.3/cargo-insta-x86_64-unknown-linux-musl.tar.xz.sha256">checksum</a></td> </tr> </tbody> </table> <h2>1.44.2</h2> <h2>Release Notes</h2> <ul> <li>Fix a rare backward compatibility issue where inline snapshots using an uncommon legacy format (single-line content stored in multiline raw strings) could fail to match after 1.44.0. <a href="https://redirect.github.com/mitsuhiko/insta/issues/830">#830</a></li> <li>Handle merge conflicts in snapshot files gracefully. When a snapshot file contains git merge conflict markers, insta now detects them and treats the snapshot as missing, allowing tests to continue and create a new pending snapshot for review. <a href="https://redirect.github.com/mitsuhiko/insta/issues/829">#829</a></li> <li>Skip nextest_doctest tests when cargo-nextest is not installed. <a href="https://redirect.github.com/mitsuhiko/insta/issues/826">#826</a></li> <li>Fix functional tests failing under nextest due to inherited <code>NEXTEST_RUN_ID</code> environment variable. <a href="https://redirect.github.com/mitsuhiko/insta/issues/824">#824</a></li> </ul> <h2>Install cargo-insta 1.44.2</h2> <h3>Install prebuilt binaries via shell script</h3> <pre lang="sh"><code>curl --proto '=https' --tlsv1.2 -LsSf https://github.com/mitsuhiko/insta/releases/download/1.44.2/cargo-insta-installer.sh | sh </code></pre> <h3>Install prebuilt binaries via powershell script</h3> <pre lang="sh"><code>powershell -ExecutionPolicy Bypass -c &quot;irm https://github.com/mitsuhiko/insta/releases/download/1.44.2/cargo-insta-installer.ps1 | iex&quot; &lt;/tr&gt;&lt;/table&gt; </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/mitsuhiko/insta/blob/master/CHANGELOG.md">insta's changelog</a>.</em></p> <blockquote> <h2>1.44.3</h2> <ul> <li>Fix a regression in 1.44.2 where merge conflict detection was too aggressive, incorrectly flagging snapshot content containing <code>======</code> or similar patterns as conflicts. <a href="https://redirect.github.com/mitsuhiko/insta/issues/832">#832</a></li> <li>Fix a regression in 1.42.2 where inline snapshot updates would corrupt the file when code preceded the macro (e.g., <code>let output = assert_snapshot!(...)</code>). <a href="https://redirect.github.com/mitsuhiko/insta/issues/833">#833</a></li> </ul> <h2>1.44.2</h2> <ul> <li>Fix a rare backward compatibility issue where inline snapshots using an uncommon legacy format (single-line content stored in multiline raw strings) could fail to match after 1.44.0. <a href="https://redirect.github.com/mitsuhiko/insta/issues/830">#830</a></li> <li>Handle merge conflicts in snapshot files gracefully. When a snapshot file contains git merge conflict markers, insta now detects them and treats the snapshot as missing, allowing tests to continue and create a new pending snapshot for review. <a href="https://redirect.github.com/mitsuhiko/insta/issues/829">#829</a></li> <li>Skip nextest_doctest tests when cargo-nextest is not installed. <a href="https://redirect.github.com/mitsuhiko/insta/issues/826">#826</a></li> <li>Fix functional tests failing under nextest due to inherited <code>NEXTEST_RUN_ID</code> environment variable. <a href="https://redirect.github.com/mitsuhiko/insta/issues/824">#824</a></li> </ul> <h2>1.44.1</h2> <ul> <li>Add <code>--dnd</code> alias for <code>--disable-nextest-doctest</code> flag to make it easier to silence the deprecation warning. <a href="https://redirect.github.com/mitsuhiko/insta/issues/822">#822</a></li> <li>Update cargo-dist to 0.30.2 and fix Windows runner to use windows-2022. <a href="https://redirect.github.com/mitsuhiko/insta/issues/821">#821</a></li> </ul> <h2>1.44.0</h2> <ul> <li>Added non-interactive snapshot review and reject modes for use in non-TTY environments (LLMs, CI pipelines, scripts). <code>cargo insta review --snapshot &lt;path&gt;</code> and <code>cargo insta reject --snapshot &lt;path&gt;</code> now work without a terminal. Enhanced <code>pending-snapshots</code> output with usage instructions and workspace-relative paths. <a href="https://redirect.github.com/mitsuhiko/insta/issues/815">#815</a></li> <li>Add <code>--disable-nextest-doctest</code> flag to <code>cargo insta test</code> to disable running doctests with nextest. Shows a deprecation warning when nextest is used with doctests without this flag, to prepare <code>cargo insta</code> to no longer run a separate doctest process when using nextest in the future. <a href="https://redirect.github.com/mitsuhiko/insta/issues/803">#803</a></li> <li>Add ergonomic <code>--test-runner-fallback</code> / <code>--no-test-runner-fallback</code> flags to <code>cargo insta test</code>. <a href="https://redirect.github.com/mitsuhiko/insta/issues/811">#811</a></li> <li>Apply redactions to snapshot metadata. <a href="https://redirect.github.com/mitsuhiko/insta/issues/813">#813</a></li> <li>Remove confusing 'previously unseen snapshot' message. <a href="https://redirect.github.com/mitsuhiko/insta/issues/812">#812</a></li> <li>Speed up JSON float rendering. <a href="https://redirect.github.com/mitsuhiko/insta/issues/806">#806</a> (<a href="https://github.com/nyurik"><code>@​nyurik</code></a>)</li> <li>Allow globset version up to 0.4.16. <a href="https://redirect.github.com/mitsuhiko/insta/issues/810">#810</a> (<a href="https://github.com/g0hl1n"><code>@​g0hl1n</code></a>)</li> <li>Improve documentation. <a href="https://redirect.github.com/mitsuhiko/insta/issues/814">#814</a> (<a href="https://github.com/tshepang"><code>@​tshepang</code></a>)</li> <li>We no longer trim starting newlines during assertions, which allows asserting the number of leading newlines match. Existing assertions with different leading newlines will pass and print a warning suggesting running with <code>--force-update-snapshots</code>. They may fail in the future. (Note that we still currently allow differing <em>trailing</em> newlines, though may adjust this in the future). <a href="https://redirect.github.com/mitsuhiko/insta/issues/563">#563</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mitsuhiko/insta/commit/dcbb11fdc1ceb99a8cf45a1dae1f5c1f0aade75f"><code>dcbb11f</code></a> Prepare release 1.44.3 (<a href="https://redirect.github.com/mitsuhiko/insta/issues/838">#838</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/3b9ec12268b1832a12c8b38f4e172eda5d198ac6"><code>3b9ec12</code></a> Refine test name &amp; description (<a href="https://redirect.github.com/mitsuhiko/insta/issues/837">#837</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/ee4e1ea39cdd2709485a07de52a8cb46c48ad0ab"><code>ee4e1ea</code></a> Handle unparsable snapshot files gracefully (<a href="https://redirect.github.com/mitsuhiko/insta/issues/836">#836</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/778f7336b416b224f89bb855d5bfaa4819bd2465"><code>778f733</code></a> Fix for code before macros, such as <code>let foo = assert_snapshot!</code> (<a href="https://redirect.github.com/mitsuhiko/insta/issues/835">#835</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/6cb41aff12a732cbe45204d3137fddfc2afe0ce3"><code>6cb41af</code></a> Prepare release 1.44.2 (<a href="https://redirect.github.com/mitsuhiko/insta/issues/831">#831</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/8838b2fe449800a830e356e173a70e1880e22809"><code>8838b2f</code></a> Handle merge conflicts in snapshot files gracefully (<a href="https://redirect.github.com/mitsuhiko/insta/issues/829">#829</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/e55ce9946d9921ccb93114e81c77d2eb9a8850bf"><code>e55ce99</code></a> Fix backward compatibility for legacy inline snapshot format (<a href="https://redirect.github.com/mitsuhiko/insta/issues/830">#830</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/d44dd422b1f632532304c66ba1815c83f11a31d0"><code>d44dd42</code></a> Skip nextest_doctest tests when cargo-nextest is not installed (<a href="https://redirect.github.com/mitsuhiko/insta/issues/826">#826</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/a711bafd633f126cf366f6be0adc43f775ac8b49"><code>a711baf</code></a> Fix functional tests failing under nextest (<a href="https://redirect.github.com/mitsuhiko/insta/issues/824">#824</a>)</li> <li><a href="https://github.com/mitsuhiko/insta/commit/ba9ea5148c248a875d3a410bd2c7f746f65a3ca7"><code>ba9ea51</code></a> Prepare release 1.44.1 (<a href="https://redirect.github.com/mitsuhiko/insta/issues/823">#823</a>)</li> <li>Additional commits viewable in <a href="https://github.com/mitsuhiko/insta/compare/1.43.2...1.44.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=insta&package-manager=cargo&previous-version=1.43.2&new-version=1.44.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-08 08:59:19 -08:00
checksum = "b5c943d4415edd8153251b6f197de5eb1640e56d84e8d9159bea190421c73698"
Add paste summarization to Codex TUI (#1549) ## Summary - introduce `Paste` event to avoid per-character paste handling - collapse large pasted blocks to `[Pasted Content X lines]` - store the real text so submission still includes it - wire paste handling through `App`, `ChatWidget`, `BottomPane`, and `ChatComposer` ## Testing - `cargo test -p codex-tui` ------ https://chatgpt.com/codex/tasks/task_i_6871e24abf80832184d1f3ca0c61a5ee https://github.com/user-attachments/assets/eda7412f-da30-4474-9f7c-96b49d48fbf8
2025-07-12 15:32:00 -07:00
dependencies = [
"console",
"once_cell",
"similar",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "instability"
fix: correctly wrap history items (#1685) The overall idea here is: skip ratatui for writing into scrollback, because its primitives are wrong. We want to render full lines of text, that will be wrapped natively by the terminal, and which we never plan to update using ratatui (so the `Buffer` struct is overhead and in fact an inhibition). Instead, we use ANSI scrolling regions (link reference doc to come). Essentially, we: 1. Define a scrolling region that extends from the top of the prompt area all the way to the top of scrollback 2. Scroll that region up by N < (screen_height - viewport_height) lines, in this PR N=1 3. Put our cursor at the top of the newly empty region 4. Print out our new text like normal The terminal interactions here (write_spans and its dependencies) are mostly extracted from ratatui.
2025-07-28 07:45:49 -07:00
version = "0.3.9"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: correctly wrap history items (#1685) The overall idea here is: skip ratatui for writing into scrollback, because its primitives are wrong. We want to render full lines of text, that will be wrapped natively by the terminal, and which we never plan to update using ratatui (so the `Buffer` struct is overhead and in fact an inhibition). Instead, we use ANSI scrolling regions (link reference doc to come). Essentially, we: 1. Define a scrolling region that extends from the top of the prompt area all the way to the top of scrollback 2. Scroll that region up by N < (screen_height - viewport_height) lines, in this PR N=1 3. Put our cursor at the top of the newly empty region 4. Print out our new text like normal The terminal interactions here (write_spans and its dependencies) are mostly extracted from ratatui.
2025-07-28 07:45:49 -07:00
checksum = "435d80800b936787d62688c927b6490e887c7ef5ff9ce922c6c6050fca75eb9a"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"darling 0.20.11",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"indoc",
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
[[package]]
name = "inventory"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.3.20"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "ab08d7cd2c5897f2c949e5383ea7c7db03fb19130ffcfbf7eda795137ae3cb83"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
dependencies = [
"rustversion",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
[[package]]
name = "io-uring"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.7.9"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "d93587f37623a1a17d94ef2bc9ada592f5465fe7732084ab7beefabe5c77c0c4"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"cfg-if",
"libc",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "ipnet"
version = "2.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "469fb0b9cefa57e3ef31275ee7cacb78f2fdca44e4765491884a2b119d4eb130"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
[[package]]
name = "iri-string"
version = "0.7.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dbc5ebe9c3a1a7a5127f920a418f7585e9e758e911d0466ed004f393b0e380b2"
dependencies = [
"memchr",
"serde",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "is-terminal"
version = "0.4.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e04d7f318608d35d4b61ddd75cbdaee86b023ebe2bd5a66ee0915f0bf93095a9"
dependencies = [
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"hermit-abi",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"libc",
feat: add shell snapshot for shell command (#7786)
2025-12-11 13:46:43 +00:00
"windows-sys 0.59.0",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
shimmer on working (#1807) change the animation on "working" to be a text shimmer https://github.com/user-attachments/assets/f64529eb-1c64-493a-8d97-0f68b964bdd0
2025-08-03 11:51:33 -07:00
[[package]]
name = "is_ci"
version = "1.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7655c9839580ee829dfacba1d1278c2b7883e50a277ff7541299489d6bdfdc45"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "is_terminal_polyfill"
version = "1.70.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "itertools"
version = "0.10.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473"
dependencies = [
"either",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "itertools"
version = "0.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "413ee7dfc52ee1a4949ceeb7dbc8a33f2d6c088194d9f922fb8318faf1f01186"
dependencies = [
"either",
]
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
[[package]]
name = "itertools"
version = "0.14.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2b192c782037fadd9cfa75548310488aabdbf3d2da73885b31bd0abd03351285"
dependencies = [
"either",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "itoa"
version = "1.0.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4a5f13b858c8d314ee3e8f639011f7ccefe71f97f96e50151fb991f267928e2c"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "jiff"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.2.15"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "be1f93b8b1eb69c77f24bbb0afdf66f54b632ee39af40ca21c4365a1d7347e49"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
dependencies = [
"jiff-static",
"log",
"portable-atomic",
"portable-atomic-util",
"serde",
]
[[package]]
name = "jiff-static"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.2.15"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "03343451ff899767262ec32146f6d559dd759fdadf42ff0e227c7c48f72594b4"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "jni"
version = "0.21.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1a87aa2bb7d2af34197c04845522473242e1aa17c12f4935d5856491a7fb8c97"
dependencies = [
"cesu8",
"cfg-if",
"combine",
"jni-sys",
"log",
"thiserror 1.0.69",
"walkdir",
"windows-sys 0.45.0",
]
[[package]]
name = "jni-sys"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8eaf4bc02d17cbdd7ff4c7438cafcdf7fb9a4613313ad11b4f8fefe7d3fa0130"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "js-sys"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.3.77"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "1cfaf33c695fc6e08064efbc1f72ec937429614f25eef83af942d0e227c3a28f"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"once_cell",
"wasm-bindgen",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "keyring"
version = "3.6.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "eebcc3aff044e5944a8fbaf69eb277d11986064cba30c468730e8b9909fb551c"
dependencies = [
"byteorder",
"dbus-secret-service",
"linux-keyutils",
"log",
"secret-service",
"security-framework 2.11.1",
"security-framework 3.5.1",
"windows-sys 0.60.2",
"zbus",
"zeroize",
]
test: reduce time dependency on test harness (#5053) Tightened the CLI integration tests to stop relying on wall-clock sleeps—new fs watcher helper waits for session files instead of timing out, and SSE mocks/fixtures make the flows deterministic.
2025-10-15 09:56:59 +01:00
[[package]]
name = "kqueue"
version = "1.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "eac30106d7dce88daf4a3fcb4879ea939476d5074a9b7ddd0fb97fa4bed5596a"
dependencies = [
"kqueue-sys",
"libc",
]
[[package]]
name = "kqueue-sys"
version = "1.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ed9625ffda8729b85e45cf04090035ac368927b8cebc34898e7c120f52e4838b"
dependencies = [
"bitflags 1.3.2",
"libc",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "lalrpop"
version = "0.19.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0a1cbf952127589f2851ab2046af368fd20645491bb4b376f04b7f94d7a9837b"
dependencies = [
"ascii-canvas",
"bit-set",
"diff",
"ena",
"is-terminal",
"itertools 0.10.5",
"lalrpop-util",
"petgraph",
"regex",
"regex-syntax 0.6.29",
"string_cache",
"term",
"tiny-keccak",
"unicode-xid",
]
[[package]]
name = "lalrpop-util"
version = "0.19.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d3c48237b9604c5a4702de6b824e02006c3214327564636aef27c1028a8fa0ed"
dependencies = [
"regex",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "landlock"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.4.2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "b3d2ef408b88e913bfc6594f5e693d57676f6463ded7d8bf994175364320c706"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"enumflags2",
"libc",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
[[package]]
name = "language-tags"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d4345964bb142484797b161f473a503a434de77149dd8c7427788c6e13379388"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "lazy_static"
version = "1.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe"
[[package]]
name = "libc"
chore(deps): bump libc from 0.2.175 to 0.2.177 in /codex-rs (#7224) Bumps [libc](https://github.com/rust-lang/libc) from 0.2.175 to 0.2.177. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/libc/releases">libc's releases</a>.</em></p> <blockquote> <h2>0.2.177</h2> <h3>Added</h3> <ul> <li>Apple: Add <code>TIOCGETA</code>, <code>TIOCSETA</code>, <code>TIOCSETAW</code>, <code>TIOCSETAF</code> constants (<a href="https://redirect.github.com/rust-lang/libc/pull/4736">#4736</a>)</li> <li>Apple: Add <code>pthread_cond_timedwait_relative_np</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4719">#4719</a>)</li> <li>BSDs: Add <code>_CS_PATH</code> constant (<a href="https://redirect.github.com/rust-lang/libc/pull/4738">#4738</a>)</li> <li>Linux-like: Add <code>SIGEMT</code> for mips* and sparc* architectures (<a href="https://redirect.github.com/rust-lang/libc/pull/4730">#4730</a>)</li> <li>OpenBSD: Add <code>elf_aux_info</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4729">#4729</a>)</li> <li>Redox: Add more sysconf constants (<a href="https://redirect.github.com/rust-lang/libc/pull/4728">#4728</a>)</li> <li>Windows: Add <code>wcsnlen</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4721">#4721</a>)</li> </ul> <h3>Changed</h3> <ul> <li>WASIP2: Invert conditional to include p2 APIs (<a href="https://redirect.github.com/rust-lang/libc/pull/4733">#4733</a>)</li> </ul> <h2>0.2.176</h2> <h3>Support</h3> <ul> <li>The default FreeBSD version has been raised from 11 to 12. This matches <code>rustc</code> since 1.78. (<a href="https://redirect.github.com/rust-lang/libc/pull/2406">#2406</a>)</li> <li><code>Debug</code> is now always implemented, rather than being gated behind the <code>extra_traits</code> feature. (<a href="https://redirect.github.com/rust-lang/libc/pull/4624">#4624</a>)</li> </ul> <h3>Added</h3> <ul> <li>AIX: Restore some non-POSIX functions guarded by the <code>_KERNEL</code> macro. (<a href="https://redirect.github.com/rust-lang/libc/pull/4607">#4607</a>)</li> <li>FreeBSD 14: Add <code>st_fileref</code> to <code>struct stat</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4642">#4642</a>)</li> <li>Haiku: Add the <code>accept4</code> POSIX call (<a href="https://redirect.github.com/rust-lang/libc/pull/4586">#4586</a>)</li> <li>Introduce a wrapper for representing padding (<a href="https://redirect.github.com/rust-lang/libc/pull/4632">#4632</a>)</li> <li>Linux: Add <code>EM_RISCV</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4659">#4659</a>)</li> <li>Linux: Add <code>MS_NOSYMFOLLOW</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4389">#4389</a>)</li> <li>Linux: Add <code>backtrace_symbols(_fd)</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4668">#4668</a>)</li> <li>Linux: Add missing <code>SOL_PACKET</code> optnames (<a href="https://redirect.github.com/rust-lang/libc/pull/4669">#4669</a>)</li> <li>Musl s390x: Add <code>SYS_mseal</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4549">#4549</a>)</li> <li>NuttX: Add <code>__errno</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4687">#4687</a>)</li> <li>Redox: Add <code>dirfd</code>, <code>VDISABLE</code>, and resource consts (<a href="https://redirect.github.com/rust-lang/libc/pull/4660">#4660</a>)</li> <li>Redox: Add more <code>resource.h</code>, <code>fcntl.h</code> constants (<a href="https://redirect.github.com/rust-lang/libc/pull/4666">#4666</a>)</li> <li>Redox: Enable <code>strftime</code> and <code>mkostemp[s]</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4629">#4629</a>)</li> <li>Unix, Windows: Add <code>qsort_r</code> (Unix), and <code>qsort(_s)</code> (Windows) (<a href="https://redirect.github.com/rust-lang/libc/pull/4677">#4677</a>)</li> <li>Unix: Add <code>dlvsym</code> for Linux-gnu, FreeBSD, and NetBSD (<a href="https://redirect.github.com/rust-lang/libc/pull/4671">#4671</a>)</li> <li>Unix: Add <code>sigqueue</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4620">#4620</a>)</li> </ul> <h3>Changed</h3> <ul> <li>FreeBSD 15: Mark <code>kinfo_proc</code> as non-exhaustive (<a href="https://redirect.github.com/rust-lang/libc/pull/4553">#4553</a>)</li> <li>FreeBSD: Set the ELF symbol version for <code>readdir_r</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4694">#4694</a>)</li> <li>Linux: Correct the config for whether or not <code>epoll_event</code> is packed (<a href="https://redirect.github.com/rust-lang/libc/pull/4639">#4639</a>)</li> <li>Tests: Replace the old <code>ctest</code> with the much more reliable new implementation (<a href="https://redirect.github.com/rust-lang/libc/pull/4655">#4655</a> and many related PRs)</li> </ul> <h3>Fixed</h3> <ul> <li>AIX: Fix the type of the 4th arguement of <code>getgrnam_r</code> ([#4656](<a href="https://redirect.github.com/rust-lang/libc/pull/4656">rust-lang/libc#4656</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/libc/blob/0.2.177/CHANGELOG.md">libc's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/rust-lang/libc/compare/0.2.176...0.2.177">0.2.177</a> - 2025-10-09</h2> <h3>Added</h3> <ul> <li>Apple: Add <code>TIOCGETA</code>, <code>TIOCSETA</code>, <code>TIOCSETAW</code>, <code>TIOCSETAF</code> constants (<a href="https://redirect.github.com/rust-lang/libc/pull/4736">#4736</a>)</li> <li>Apple: Add <code>pthread_cond_timedwait_relative_np</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4719">#4719</a>)</li> <li>BSDs: Add <code>_CS_PATH</code> constant (<a href="https://redirect.github.com/rust-lang/libc/pull/4738">#4738</a>)</li> <li>Linux-like: Add <code>SIGEMT</code> for mips* and sparc* architectures (<a href="https://redirect.github.com/rust-lang/libc/pull/4730">#4730</a>)</li> <li>OpenBSD: Add <code>elf_aux_info</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4729">#4729</a>)</li> <li>Redox: Add more sysconf constants (<a href="https://redirect.github.com/rust-lang/libc/pull/4728">#4728</a>)</li> <li>Windows: Add <code>wcsnlen</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4721">#4721</a>)</li> </ul> <h3>Changed</h3> <ul> <li>WASIP2: Invert conditional to include p2 APIs (<a href="https://redirect.github.com/rust-lang/libc/pull/4733">#4733</a>)</li> </ul> <h2><a href="https://github.com/rust-lang/libc/compare/0.2.175...0.2.176">0.2.176</a> - 2025-09-23</h2> <h3>Support</h3> <ul> <li>The default FreeBSD version has been raised from 11 to 12. This matches <code>rustc</code> since 1.78. (<a href="https://redirect.github.com/rust-lang/libc/pull/2406">#2406</a>)</li> <li><code>Debug</code> is now always implemented, rather than being gated behind the <code>extra_traits</code> feature. (<a href="https://redirect.github.com/rust-lang/libc/pull/4624">#4624</a>)</li> </ul> <h3>Added</h3> <ul> <li>AIX: Restore some non-POSIX functions guarded by the <code>_KERNEL</code> macro. (<a href="https://redirect.github.com/rust-lang/libc/pull/4607">#4607</a>)</li> <li>FreeBSD 14: Add <code>st_fileref</code> to <code>struct stat</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4642">#4642</a>)</li> <li>Haiku: Add the <code>accept4</code> POSIX call (<a href="https://redirect.github.com/rust-lang/libc/pull/4586">#4586</a>)</li> <li>Introduce a wrapper for representing padding (<a href="https://redirect.github.com/rust-lang/libc/pull/4632">#4632</a>)</li> <li>Linux: Add <code>EM_RISCV</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4659">#4659</a>)</li> <li>Linux: Add <code>MS_NOSYMFOLLOW</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4389">#4389</a>)</li> <li>Linux: Add <code>backtrace_symbols(_fd)</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4668">#4668</a>)</li> <li>Linux: Add missing <code>SOL_PACKET</code> optnames (<a href="https://redirect.github.com/rust-lang/libc/pull/4669">#4669</a>)</li> <li>Musl s390x: Add <code>SYS_mseal</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4549">#4549</a>)</li> <li>NuttX: Add <code>__errno</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4687">#4687</a>)</li> <li>Redox: Add <code>dirfd</code>, <code>VDISABLE</code>, and resource consts (<a href="https://redirect.github.com/rust-lang/libc/pull/4660">#4660</a>)</li> <li>Redox: Add more <code>resource.h</code>, <code>fcntl.h</code> constants (<a href="https://redirect.github.com/rust-lang/libc/pull/4666">#4666</a>)</li> <li>Redox: Enable <code>strftime</code> and <code>mkostemp[s]</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4629">#4629</a>)</li> <li>Unix, Windows: Add <code>qsort_r</code> (Unix), and <code>qsort(_s)</code> (Windows) (<a href="https://redirect.github.com/rust-lang/libc/pull/4677">#4677</a>)</li> <li>Unix: Add <code>dlvsym</code> for Linux-gnu, FreeBSD, and NetBSD (<a href="https://redirect.github.com/rust-lang/libc/pull/4671">#4671</a>)</li> <li>Unix: Add <code>sigqueue</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4620">#4620</a>)</li> </ul> <h3>Changed</h3> <ul> <li>FreeBSD 15: Mark <code>kinfo_proc</code> as non-exhaustive (<a href="https://redirect.github.com/rust-lang/libc/pull/4553">#4553</a>)</li> <li>FreeBSD: Set the ELF symbol version for <code>readdir_r</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4694">#4694</a>)</li> <li>Linux: Correct the config for whether or not <code>epoll_event</code> is packed (<a href="https://redirect.github.com/rust-lang/libc/pull/4639">#4639</a>)</li> <li>Tests: Replace the old <code>ctest</code> with the much more reliable new implementation (<a href="https://redirect.github.com/rust-lang/libc/pull/4655">#4655</a> and many related PRs)</li> </ul> <h3>Fixed</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/libc/commit/9f598d245e18ecb243118cfde095f24598ec9d5b"><code>9f598d2</code></a> chore: release libc 0.2.177</li> <li><a href="https://github.com/rust-lang/libc/commit/329a5e77fd0666d9c2fda463eb005cfbb28c3e8c"><code>329a5e7</code></a> Add missing TIOCGETA/TIOCSETA constants for macOS</li> <li><a href="https://github.com/rust-lang/libc/commit/72a40e2550f924e8e5736a96afe71c71b988b08b"><code>72a40e2</code></a> add <code>pthread_cond_timedwait_relative_np</code></li> <li><a href="https://github.com/rust-lang/libc/commit/2914d6f735740b40b8abbbae251aad11daf48885"><code>2914d6f</code></a> linux_like: add SIGEMT for mips* and sparc*</li> <li><a href="https://github.com/rust-lang/libc/commit/ff2ff25f15bbd01c03482c0c1f49411b0b622957"><code>ff2ff25</code></a> openbsd add elf_aux_info</li> <li><a href="https://github.com/rust-lang/libc/commit/4ae44a44945ce5c2751aa198171bc1f47c292723"><code>4ae44a4</code></a> Update semver tests</li> <li><a href="https://github.com/rust-lang/libc/commit/d5737a01378862df540367c627b18d8a26dbdd0e"><code>d5737a0</code></a> Define _CS_PATH on the BSDs</li> <li><a href="https://github.com/rust-lang/libc/commit/fe277da53e919bb8272aa695e8df44b48aab95a3"><code>fe277da</code></a> redox: more sysconf constants</li> <li><a href="https://github.com/rust-lang/libc/commit/bdad4264ced348e8e1a8ffc25a9b493fae124fa9"><code>bdad426</code></a> wasip2: Invert conditional to include p2 APIs</li> <li><a href="https://github.com/rust-lang/libc/commit/0af069dcbfdb8ea80e437a50bc98ffd186915247"><code>0af069d</code></a> Windows: add <code>wcsnlen</code></li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/libc/compare/0.2.175...0.2.177">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=libc&package-manager=cargo&previous-version=0.2.175&new-version=0.2.177)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-24 12:02:48 -08:00
version = "0.2.177"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump libc from 0.2.175 to 0.2.177 in /codex-rs (#7224) Bumps [libc](https://github.com/rust-lang/libc) from 0.2.175 to 0.2.177. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/libc/releases">libc's releases</a>.</em></p> <blockquote> <h2>0.2.177</h2> <h3>Added</h3> <ul> <li>Apple: Add <code>TIOCGETA</code>, <code>TIOCSETA</code>, <code>TIOCSETAW</code>, <code>TIOCSETAF</code> constants (<a href="https://redirect.github.com/rust-lang/libc/pull/4736">#4736</a>)</li> <li>Apple: Add <code>pthread_cond_timedwait_relative_np</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4719">#4719</a>)</li> <li>BSDs: Add <code>_CS_PATH</code> constant (<a href="https://redirect.github.com/rust-lang/libc/pull/4738">#4738</a>)</li> <li>Linux-like: Add <code>SIGEMT</code> for mips* and sparc* architectures (<a href="https://redirect.github.com/rust-lang/libc/pull/4730">#4730</a>)</li> <li>OpenBSD: Add <code>elf_aux_info</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4729">#4729</a>)</li> <li>Redox: Add more sysconf constants (<a href="https://redirect.github.com/rust-lang/libc/pull/4728">#4728</a>)</li> <li>Windows: Add <code>wcsnlen</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4721">#4721</a>)</li> </ul> <h3>Changed</h3> <ul> <li>WASIP2: Invert conditional to include p2 APIs (<a href="https://redirect.github.com/rust-lang/libc/pull/4733">#4733</a>)</li> </ul> <h2>0.2.176</h2> <h3>Support</h3> <ul> <li>The default FreeBSD version has been raised from 11 to 12. This matches <code>rustc</code> since 1.78. (<a href="https://redirect.github.com/rust-lang/libc/pull/2406">#2406</a>)</li> <li><code>Debug</code> is now always implemented, rather than being gated behind the <code>extra_traits</code> feature. (<a href="https://redirect.github.com/rust-lang/libc/pull/4624">#4624</a>)</li> </ul> <h3>Added</h3> <ul> <li>AIX: Restore some non-POSIX functions guarded by the <code>_KERNEL</code> macro. (<a href="https://redirect.github.com/rust-lang/libc/pull/4607">#4607</a>)</li> <li>FreeBSD 14: Add <code>st_fileref</code> to <code>struct stat</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4642">#4642</a>)</li> <li>Haiku: Add the <code>accept4</code> POSIX call (<a href="https://redirect.github.com/rust-lang/libc/pull/4586">#4586</a>)</li> <li>Introduce a wrapper for representing padding (<a href="https://redirect.github.com/rust-lang/libc/pull/4632">#4632</a>)</li> <li>Linux: Add <code>EM_RISCV</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4659">#4659</a>)</li> <li>Linux: Add <code>MS_NOSYMFOLLOW</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4389">#4389</a>)</li> <li>Linux: Add <code>backtrace_symbols(_fd)</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4668">#4668</a>)</li> <li>Linux: Add missing <code>SOL_PACKET</code> optnames (<a href="https://redirect.github.com/rust-lang/libc/pull/4669">#4669</a>)</li> <li>Musl s390x: Add <code>SYS_mseal</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4549">#4549</a>)</li> <li>NuttX: Add <code>__errno</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4687">#4687</a>)</li> <li>Redox: Add <code>dirfd</code>, <code>VDISABLE</code>, and resource consts (<a href="https://redirect.github.com/rust-lang/libc/pull/4660">#4660</a>)</li> <li>Redox: Add more <code>resource.h</code>, <code>fcntl.h</code> constants (<a href="https://redirect.github.com/rust-lang/libc/pull/4666">#4666</a>)</li> <li>Redox: Enable <code>strftime</code> and <code>mkostemp[s]</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4629">#4629</a>)</li> <li>Unix, Windows: Add <code>qsort_r</code> (Unix), and <code>qsort(_s)</code> (Windows) (<a href="https://redirect.github.com/rust-lang/libc/pull/4677">#4677</a>)</li> <li>Unix: Add <code>dlvsym</code> for Linux-gnu, FreeBSD, and NetBSD (<a href="https://redirect.github.com/rust-lang/libc/pull/4671">#4671</a>)</li> <li>Unix: Add <code>sigqueue</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4620">#4620</a>)</li> </ul> <h3>Changed</h3> <ul> <li>FreeBSD 15: Mark <code>kinfo_proc</code> as non-exhaustive (<a href="https://redirect.github.com/rust-lang/libc/pull/4553">#4553</a>)</li> <li>FreeBSD: Set the ELF symbol version for <code>readdir_r</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4694">#4694</a>)</li> <li>Linux: Correct the config for whether or not <code>epoll_event</code> is packed (<a href="https://redirect.github.com/rust-lang/libc/pull/4639">#4639</a>)</li> <li>Tests: Replace the old <code>ctest</code> with the much more reliable new implementation (<a href="https://redirect.github.com/rust-lang/libc/pull/4655">#4655</a> and many related PRs)</li> </ul> <h3>Fixed</h3> <ul> <li>AIX: Fix the type of the 4th arguement of <code>getgrnam_r</code> ([#4656](<a href="https://redirect.github.com/rust-lang/libc/pull/4656">rust-lang/libc#4656</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/libc/blob/0.2.177/CHANGELOG.md">libc's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/rust-lang/libc/compare/0.2.176...0.2.177">0.2.177</a> - 2025-10-09</h2> <h3>Added</h3> <ul> <li>Apple: Add <code>TIOCGETA</code>, <code>TIOCSETA</code>, <code>TIOCSETAW</code>, <code>TIOCSETAF</code> constants (<a href="https://redirect.github.com/rust-lang/libc/pull/4736">#4736</a>)</li> <li>Apple: Add <code>pthread_cond_timedwait_relative_np</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4719">#4719</a>)</li> <li>BSDs: Add <code>_CS_PATH</code> constant (<a href="https://redirect.github.com/rust-lang/libc/pull/4738">#4738</a>)</li> <li>Linux-like: Add <code>SIGEMT</code> for mips* and sparc* architectures (<a href="https://redirect.github.com/rust-lang/libc/pull/4730">#4730</a>)</li> <li>OpenBSD: Add <code>elf_aux_info</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4729">#4729</a>)</li> <li>Redox: Add more sysconf constants (<a href="https://redirect.github.com/rust-lang/libc/pull/4728">#4728</a>)</li> <li>Windows: Add <code>wcsnlen</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4721">#4721</a>)</li> </ul> <h3>Changed</h3> <ul> <li>WASIP2: Invert conditional to include p2 APIs (<a href="https://redirect.github.com/rust-lang/libc/pull/4733">#4733</a>)</li> </ul> <h2><a href="https://github.com/rust-lang/libc/compare/0.2.175...0.2.176">0.2.176</a> - 2025-09-23</h2> <h3>Support</h3> <ul> <li>The default FreeBSD version has been raised from 11 to 12. This matches <code>rustc</code> since 1.78. (<a href="https://redirect.github.com/rust-lang/libc/pull/2406">#2406</a>)</li> <li><code>Debug</code> is now always implemented, rather than being gated behind the <code>extra_traits</code> feature. (<a href="https://redirect.github.com/rust-lang/libc/pull/4624">#4624</a>)</li> </ul> <h3>Added</h3> <ul> <li>AIX: Restore some non-POSIX functions guarded by the <code>_KERNEL</code> macro. (<a href="https://redirect.github.com/rust-lang/libc/pull/4607">#4607</a>)</li> <li>FreeBSD 14: Add <code>st_fileref</code> to <code>struct stat</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4642">#4642</a>)</li> <li>Haiku: Add the <code>accept4</code> POSIX call (<a href="https://redirect.github.com/rust-lang/libc/pull/4586">#4586</a>)</li> <li>Introduce a wrapper for representing padding (<a href="https://redirect.github.com/rust-lang/libc/pull/4632">#4632</a>)</li> <li>Linux: Add <code>EM_RISCV</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4659">#4659</a>)</li> <li>Linux: Add <code>MS_NOSYMFOLLOW</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4389">#4389</a>)</li> <li>Linux: Add <code>backtrace_symbols(_fd)</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4668">#4668</a>)</li> <li>Linux: Add missing <code>SOL_PACKET</code> optnames (<a href="https://redirect.github.com/rust-lang/libc/pull/4669">#4669</a>)</li> <li>Musl s390x: Add <code>SYS_mseal</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4549">#4549</a>)</li> <li>NuttX: Add <code>__errno</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4687">#4687</a>)</li> <li>Redox: Add <code>dirfd</code>, <code>VDISABLE</code>, and resource consts (<a href="https://redirect.github.com/rust-lang/libc/pull/4660">#4660</a>)</li> <li>Redox: Add more <code>resource.h</code>, <code>fcntl.h</code> constants (<a href="https://redirect.github.com/rust-lang/libc/pull/4666">#4666</a>)</li> <li>Redox: Enable <code>strftime</code> and <code>mkostemp[s]</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4629">#4629</a>)</li> <li>Unix, Windows: Add <code>qsort_r</code> (Unix), and <code>qsort(_s)</code> (Windows) (<a href="https://redirect.github.com/rust-lang/libc/pull/4677">#4677</a>)</li> <li>Unix: Add <code>dlvsym</code> for Linux-gnu, FreeBSD, and NetBSD (<a href="https://redirect.github.com/rust-lang/libc/pull/4671">#4671</a>)</li> <li>Unix: Add <code>sigqueue</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4620">#4620</a>)</li> </ul> <h3>Changed</h3> <ul> <li>FreeBSD 15: Mark <code>kinfo_proc</code> as non-exhaustive (<a href="https://redirect.github.com/rust-lang/libc/pull/4553">#4553</a>)</li> <li>FreeBSD: Set the ELF symbol version for <code>readdir_r</code> (<a href="https://redirect.github.com/rust-lang/libc/pull/4694">#4694</a>)</li> <li>Linux: Correct the config for whether or not <code>epoll_event</code> is packed (<a href="https://redirect.github.com/rust-lang/libc/pull/4639">#4639</a>)</li> <li>Tests: Replace the old <code>ctest</code> with the much more reliable new implementation (<a href="https://redirect.github.com/rust-lang/libc/pull/4655">#4655</a> and many related PRs)</li> </ul> <h3>Fixed</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/libc/commit/9f598d245e18ecb243118cfde095f24598ec9d5b"><code>9f598d2</code></a> chore: release libc 0.2.177</li> <li><a href="https://github.com/rust-lang/libc/commit/329a5e77fd0666d9c2fda463eb005cfbb28c3e8c"><code>329a5e7</code></a> Add missing TIOCGETA/TIOCSETA constants for macOS</li> <li><a href="https://github.com/rust-lang/libc/commit/72a40e2550f924e8e5736a96afe71c71b988b08b"><code>72a40e2</code></a> add <code>pthread_cond_timedwait_relative_np</code></li> <li><a href="https://github.com/rust-lang/libc/commit/2914d6f735740b40b8abbbae251aad11daf48885"><code>2914d6f</code></a> linux_like: add SIGEMT for mips* and sparc*</li> <li><a href="https://github.com/rust-lang/libc/commit/ff2ff25f15bbd01c03482c0c1f49411b0b622957"><code>ff2ff25</code></a> openbsd add elf_aux_info</li> <li><a href="https://github.com/rust-lang/libc/commit/4ae44a44945ce5c2751aa198171bc1f47c292723"><code>4ae44a4</code></a> Update semver tests</li> <li><a href="https://github.com/rust-lang/libc/commit/d5737a01378862df540367c627b18d8a26dbdd0e"><code>d5737a0</code></a> Define _CS_PATH on the BSDs</li> <li><a href="https://github.com/rust-lang/libc/commit/fe277da53e919bb8272aa695e8df44b48aab95a3"><code>fe277da</code></a> redox: more sysconf constants</li> <li><a href="https://github.com/rust-lang/libc/commit/bdad4264ced348e8e1a8ffc25a9b493fae124fa9"><code>bdad426</code></a> wasip2: Invert conditional to include p2 APIs</li> <li><a href="https://github.com/rust-lang/libc/commit/0af069dcbfdb8ea80e437a50bc98ffd186915247"><code>0af069d</code></a> Windows: add <code>wcsnlen</code></li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/libc/compare/0.2.175...0.2.177">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=libc&package-manager=cargo&previous-version=0.2.175&new-version=0.2.177)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-24 12:02:48 -08:00
checksum = "2874a2af47a2325c2001a6e6fad9b16a53b802102b528163885171cf92b15976"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "libdbus-sys"
version = "0.2.6"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "5cbe856efeb50e4681f010e9aaa2bf0a644e10139e54cde10fc83a307c23bd9f"
dependencies = [
"pkg-config",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "libredox"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4488594b9328dee448adb906d8b126d9b7deb7cf5c22161ee591610bb1be83c0"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"libc",
]
[[package]]
name = "linux-keyutils"
version = "0.2.4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "761e49ec5fd8a5a463f9b84e877c373d888935b71c6be78f3767fe2ae6bed18e"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"libc",
]
[[package]]
name = "linux-raw-sys"
version = "0.4.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d26c52dbd32dccf2d10cac7725f8eae5296885fb5703b261f7d0a0739ec807ab"
[[package]]
name = "linux-raw-sys"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.9.4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "cd945864f07fe9f5371a27ad7b52a172b4b499999f1d97574c9fa68373937e12"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "litemap"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.8.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "241eaef5fd12c88705a01fc1066c48c4b36e0dd4377dcdc7ec3942cea7a69956"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
[[package]]
name = "local-waker"
version = "0.1.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4d873d7c67ce09b42110d801813efbc9364414e356be9935700d368351657487"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "lock_api"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.4.13"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "96936507f153605bddfcda068dd804796c84324ed2510809e5b2a624c81da765"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"autocfg",
"scopeguard",
]
[[package]]
name = "log"
chore(deps): bump log from 0.4.27 to 0.4.28 in /codex-rs (#4027) [//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [log](https://github.com/rust-lang/log) from 0.4.27 to 0.4.28. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/log/releases">log's releases</a>.</em></p> <blockquote> <h2>0.4.28</h2> <h2>What's Changed</h2> <ul> <li>ci: drop really old trick and ensure MSRV for all feature combo by <a href="https://github.com/tisonkun"><code>@​tisonkun</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/676">rust-lang/log#676</a></li> <li>chore: fix some typos in comment by <a href="https://github.com/xixishidibei"><code>@​xixishidibei</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/677">rust-lang/log#677</a></li> <li>Unhide <code>#[derive(Debug)]</code> in example by <a href="https://github.com/ZylosLumen"><code>@​ZylosLumen</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/688">rust-lang/log#688</a></li> <li>Chore: delete compare_exchange method for AtomicUsize on platforms without atomics by <a href="https://github.com/HaoliangXu"><code>@​HaoliangXu</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/690">rust-lang/log#690</a></li> <li>Add <code>increment_severity()</code> and <code>decrement_severity()</code> methods for <code>Level</code> and <code>LevelFilter</code> by <a href="https://github.com/nebkor"><code>@​nebkor</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/692">rust-lang/log#692</a></li> <li>Prepare for 0.4.28 release by <a href="https://github.com/KodrAus"><code>@​KodrAus</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/695">rust-lang/log#695</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/xixishidibei"><code>@​xixishidibei</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/677">rust-lang/log#677</a></li> <li><a href="https://github.com/ZylosLumen"><code>@​ZylosLumen</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/688">rust-lang/log#688</a></li> <li><a href="https://github.com/HaoliangXu"><code>@​HaoliangXu</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/690">rust-lang/log#690</a></li> <li><a href="https://github.com/nebkor"><code>@​nebkor</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/692">rust-lang/log#692</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-lang/log/compare/0.4.27...0.4.28">https://github.com/rust-lang/log/compare/0.4.27...0.4.28</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/log/blob/master/CHANGELOG.md">log's changelog</a>.</em></p> <blockquote> <h2>[0.4.28] - 2025-09-02</h2> <h2>What's Changed</h2> <ul> <li>ci: drop really old trick and ensure MSRV for all feature combo by <a href="https://github.com/tisonkun"><code>@​tisonkun</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/676">rust-lang/log#676</a></li> <li>Chore: delete compare_exchange method for AtomicUsize on platforms without atomics by <a href="https://github.com/HaoliangXu"><code>@​HaoliangXu</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/690">rust-lang/log#690</a></li> <li>Add <code>increment_severity()</code> and <code>decrement_severity()</code> methods for <code>Level</code> and <code>LevelFilter</code> by <a href="https://github.com/nebkor"><code>@​nebkor</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/692">rust-lang/log#692</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/xixishidibei"><code>@​xixishidibei</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/677">rust-lang/log#677</a></li> <li><a href="https://github.com/ZylosLumen"><code>@​ZylosLumen</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/688">rust-lang/log#688</a></li> <li><a href="https://github.com/HaoliangXu"><code>@​HaoliangXu</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/690">rust-lang/log#690</a></li> <li><a href="https://github.com/nebkor"><code>@​nebkor</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/692">rust-lang/log#692</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-lang/log/compare/0.4.27...0.4.28">https://github.com/rust-lang/log/compare/0.4.27...0.4.28</a></p> <h3>Notable Changes</h3> <ul> <li>MSRV is bumped to 1.61.0 in <a href="https://redirect.github.com/rust-lang/log/pull/676">rust-lang/log#676</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/log/commit/6e1735597bb21c5d979a077395df85e1d633e077"><code>6e17355</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/695">#695</a> from rust-lang/cargo/0.4.28</li> <li><a href="https://github.com/rust-lang/log/commit/57719dbef54de1c9b91b986845e4285d09c9e644"><code>57719db</code></a> focus on user-facing source changes in the changelog</li> <li><a href="https://github.com/rust-lang/log/commit/e0630c6485c6ca6da22888c319d2c3d2e53cb1ae"><code>e0630c6</code></a> prepare for 0.4.28 release</li> <li><a href="https://github.com/rust-lang/log/commit/60829b11f50e34497f4dcaff44561ee908c796f9"><code>60829b1</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/692">#692</a> from nebkor/up-and-down</li> <li><a href="https://github.com/rust-lang/log/commit/95d44f8af52df35d78adb766bef79d8f489022a0"><code>95d44f8</code></a> change names of log-level-changing methods to be more descriptive</li> <li><a href="https://github.com/rust-lang/log/commit/2b63dfada6394c537682de4834ae45eaf3bad216"><code>2b63dfa</code></a> Add <code>up()</code> and <code>down()</code> methods for <code>Level</code> and <code>LevelFilter</code></li> <li><a href="https://github.com/rust-lang/log/commit/3aa1359e926a39f841791207d6e57e00da3e68e2"><code>3aa1359</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/690">#690</a> from HaoliangXu/master</li> <li><a href="https://github.com/rust-lang/log/commit/1091f2cbd21817872235eff67b8e0e68e5ec4e41"><code>1091f2c</code></a> Chore:delete compare_exchange method for AtomicUsize on platforms</li> <li><a href="https://github.com/rust-lang/log/commit/24c5f44efd0828ed1c6dcec5adf5aebf97f0f400"><code>24c5f44</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/688">#688</a> from ZylosLumen/patch-1</li> <li><a href="https://github.com/rust-lang/log/commit/44984954670f3144af1d1f323e36690bb72788f4"><code>4498495</code></a> Unhide <code>#[derive(Debug)]</code> in example</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/log/compare/0.4.27...0.4.28">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=log&package-manager=cargo&previous-version=0.4.27&new-version=0.4.28)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-23 23:07:54 -07:00
version = "0.4.28"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump log from 0.4.27 to 0.4.28 in /codex-rs (#4027) [//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [log](https://github.com/rust-lang/log) from 0.4.27 to 0.4.28. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/log/releases">log's releases</a>.</em></p> <blockquote> <h2>0.4.28</h2> <h2>What's Changed</h2> <ul> <li>ci: drop really old trick and ensure MSRV for all feature combo by <a href="https://github.com/tisonkun"><code>@​tisonkun</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/676">rust-lang/log#676</a></li> <li>chore: fix some typos in comment by <a href="https://github.com/xixishidibei"><code>@​xixishidibei</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/677">rust-lang/log#677</a></li> <li>Unhide <code>#[derive(Debug)]</code> in example by <a href="https://github.com/ZylosLumen"><code>@​ZylosLumen</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/688">rust-lang/log#688</a></li> <li>Chore: delete compare_exchange method for AtomicUsize on platforms without atomics by <a href="https://github.com/HaoliangXu"><code>@​HaoliangXu</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/690">rust-lang/log#690</a></li> <li>Add <code>increment_severity()</code> and <code>decrement_severity()</code> methods for <code>Level</code> and <code>LevelFilter</code> by <a href="https://github.com/nebkor"><code>@​nebkor</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/692">rust-lang/log#692</a></li> <li>Prepare for 0.4.28 release by <a href="https://github.com/KodrAus"><code>@​KodrAus</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/695">rust-lang/log#695</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/xixishidibei"><code>@​xixishidibei</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/677">rust-lang/log#677</a></li> <li><a href="https://github.com/ZylosLumen"><code>@​ZylosLumen</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/688">rust-lang/log#688</a></li> <li><a href="https://github.com/HaoliangXu"><code>@​HaoliangXu</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/690">rust-lang/log#690</a></li> <li><a href="https://github.com/nebkor"><code>@​nebkor</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/692">rust-lang/log#692</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-lang/log/compare/0.4.27...0.4.28">https://github.com/rust-lang/log/compare/0.4.27...0.4.28</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/log/blob/master/CHANGELOG.md">log's changelog</a>.</em></p> <blockquote> <h2>[0.4.28] - 2025-09-02</h2> <h2>What's Changed</h2> <ul> <li>ci: drop really old trick and ensure MSRV for all feature combo by <a href="https://github.com/tisonkun"><code>@​tisonkun</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/676">rust-lang/log#676</a></li> <li>Chore: delete compare_exchange method for AtomicUsize on platforms without atomics by <a href="https://github.com/HaoliangXu"><code>@​HaoliangXu</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/690">rust-lang/log#690</a></li> <li>Add <code>increment_severity()</code> and <code>decrement_severity()</code> methods for <code>Level</code> and <code>LevelFilter</code> by <a href="https://github.com/nebkor"><code>@​nebkor</code></a> in <a href="https://redirect.github.com/rust-lang/log/pull/692">rust-lang/log#692</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/xixishidibei"><code>@​xixishidibei</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/677">rust-lang/log#677</a></li> <li><a href="https://github.com/ZylosLumen"><code>@​ZylosLumen</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/688">rust-lang/log#688</a></li> <li><a href="https://github.com/HaoliangXu"><code>@​HaoliangXu</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/690">rust-lang/log#690</a></li> <li><a href="https://github.com/nebkor"><code>@​nebkor</code></a> made their first contribution in <a href="https://redirect.github.com/rust-lang/log/pull/692">rust-lang/log#692</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/rust-lang/log/compare/0.4.27...0.4.28">https://github.com/rust-lang/log/compare/0.4.27...0.4.28</a></p> <h3>Notable Changes</h3> <ul> <li>MSRV is bumped to 1.61.0 in <a href="https://redirect.github.com/rust-lang/log/pull/676">rust-lang/log#676</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/log/commit/6e1735597bb21c5d979a077395df85e1d633e077"><code>6e17355</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/695">#695</a> from rust-lang/cargo/0.4.28</li> <li><a href="https://github.com/rust-lang/log/commit/57719dbef54de1c9b91b986845e4285d09c9e644"><code>57719db</code></a> focus on user-facing source changes in the changelog</li> <li><a href="https://github.com/rust-lang/log/commit/e0630c6485c6ca6da22888c319d2c3d2e53cb1ae"><code>e0630c6</code></a> prepare for 0.4.28 release</li> <li><a href="https://github.com/rust-lang/log/commit/60829b11f50e34497f4dcaff44561ee908c796f9"><code>60829b1</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/692">#692</a> from nebkor/up-and-down</li> <li><a href="https://github.com/rust-lang/log/commit/95d44f8af52df35d78adb766bef79d8f489022a0"><code>95d44f8</code></a> change names of log-level-changing methods to be more descriptive</li> <li><a href="https://github.com/rust-lang/log/commit/2b63dfada6394c537682de4834ae45eaf3bad216"><code>2b63dfa</code></a> Add <code>up()</code> and <code>down()</code> methods for <code>Level</code> and <code>LevelFilter</code></li> <li><a href="https://github.com/rust-lang/log/commit/3aa1359e926a39f841791207d6e57e00da3e68e2"><code>3aa1359</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/690">#690</a> from HaoliangXu/master</li> <li><a href="https://github.com/rust-lang/log/commit/1091f2cbd21817872235eff67b8e0e68e5ec4e41"><code>1091f2c</code></a> Chore:delete compare_exchange method for AtomicUsize on platforms</li> <li><a href="https://github.com/rust-lang/log/commit/24c5f44efd0828ed1c6dcec5adf5aebf97f0f400"><code>24c5f44</code></a> Merge pull request <a href="https://redirect.github.com/rust-lang/log/issues/688">#688</a> from ZylosLumen/patch-1</li> <li><a href="https://github.com/rust-lang/log/commit/44984954670f3144af1d1f323e36690bb72788f4"><code>4498495</code></a> Unhide <code>#[derive(Debug)]</code> in example</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/log/compare/0.4.27...0.4.28">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=log&package-manager=cargo&previous-version=0.4.27&new-version=0.4.28)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-23 23:07:54 -07:00
checksum = "34080505efa8e45a4b816c349525ebe327ceaa8559756f0356cba97ef3bf7432"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "logos"
version = "0.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bf8b031682c67a8e3d5446840f9573eb7fe26efe7ec8d195c9ac4c0647c502f1"
dependencies = [
"logos-derive",
]
[[package]]
name = "logos-derive"
version = "0.12.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a1d849148dbaf9661a6151d1ca82b13bb4c4c128146a88d05253b38d4e2f496c"
dependencies = [
"beef",
"fnv",
"proc-macro2",
"quote",
"regex-syntax 0.6.29",
"syn 1.0.109",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "lru"
version = "0.12.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "234cf4f4a04dc1f57e24b96cc0cd600cf2af460d4161ac5ecdd0af8e1f3b2a38"
dependencies = [
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"hashbrown 0.15.4",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
chore(deps): bump lru from 0.12.5 to 0.16.2 in /codex-rs (#8045) Bumps [lru](https://github.com/jeromefroe/lru-rs) from 0.12.5 to 0.16.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jeromefroe/lru-rs/blob/master/CHANGELOG.md">lru's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.2">v0.16.2</a> - 2025-10-14</h2> <ul> <li>Upgrade hashbrown dependency to 0.16.0.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.1">v0.16.1</a> - 2025-09-08</h2> <ul> <li>Fix <code>Clone</code> for unbounded cache.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.0">v0.16.0</a> - 2025-07-02</h2> <ul> <li>Implement <code>Clone</code> for caches with custom hashers.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.15.0">v0.15.0</a> - 2025-06-26</h2> <ul> <li>Return bool from <code>promote</code> and <code>demote</code> to indicate whether key was found.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.14.0">v0.14.0</a> - 2025-04-12</h2> <ul> <li>Use <code>NonZeroUsize::MAX</code> instead of <code>unwrap()</code>, and update MSRV to 1.70.0.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.13.0">v0.13.0</a> - 2025-01-27</h2> <ul> <li>Add <code>peek_mru</code> and <code>pop_mru</code> methods, upgrade dependency on <code>hashbrown</code> to 0.15.2, and update MSRV to 1.65.0.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jeromefroe/lru-rs/commit/c1f843ded02d718138483df6ed8da4961accc201"><code>c1f843d</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/223">#223</a> from jeromefroe/jerome/prepare-0-16-2-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/fc4f30953e75e4315d9d965a3e4b7f0968788d2a"><code>fc4f309</code></a> Prepare 0.16.2 release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/e91ea2bd85eabfc0769f1117bbba22699e766cb0"><code>e91ea2b</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/222">#222</a> from torokati44/hashbrown-0.16</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/90d05feff3d795016c4f5a2e44215b35ee5816f7"><code>90d05fe</code></a> Update hashbrown to 0.16</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/c699209232539c72035d942888750878e590ab46"><code>c699209</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/220">#220</a> from jeromefroe/jerome/prepare-0-16-1-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/2bd820703080f0ee840dce10e7bd447fa8d2c83d"><code>2bd8207</code></a> Prepare 0.16.1 release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/1b21bf1c5917e172edbfd0f5f87b2f6d94130724"><code>1b21bf1</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/219">#219</a> from wqfish/bk</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/3ec42b6369082c00da2836fe033db20cb52a36fc"><code>3ec42b6</code></a> Fix clone implementation for unbounded cache</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/e2e3e47c33386672fc715deabf3494b071b8d04c"><code>e2e3e47</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/218">#218</a> from jeromefroe/jerome/prepare-0-16-0-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/17fe4f328aa4149814849ede11c283ff7ee27d31"><code>17fe4f3</code></a> Prepare 0.16.0 release</li> <li>Additional commits viewable in <a href="https://github.com/jeromefroe/lru-rs/compare/0.12.5...0.16.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lru&package-manager=cargo&previous-version=0.12.5&new-version=0.16.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:32:15 -08:00
[[package]]
name = "lru"
version = "0.16.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "96051b46fc183dc9cd4a223960ef37b9af631b55191852a8274bfef064cda20f"
dependencies = [
"hashbrown 0.16.0",
]
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
[[package]]
name = "lru-slab"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "112b39cec0b298b6c1999fee3e31427f74f676e4cb9879ed1a121b43661a4154"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "lsp-types"
version = "0.94.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c66bfd44a06ae10647fe3f8214762e9369fd4248df1350924b4ef9e770a85ea1"
dependencies = [
"bitflags 1.3.2",
"serde",
"serde_json",
"serde_repr",
"url",
]
[[package]]
name = "maplit"
version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3e2e65a1a2e43cfcb47a895c4c8b10d1f4a61097f9f254f183aee60cad9c651d"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "matchers"
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in /codex-rs (#3620) Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = &quot;0.3.20&quot; </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-subscriber&package-manager=cargo&previous-version=0.3.19&new-version=0.3.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:51:33 -07:00
version = "0.2.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in /codex-rs (#3620) Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = &quot;0.3.20&quot; </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-subscriber&package-manager=cargo&previous-version=0.3.19&new-version=0.3.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:51:33 -07:00
checksum = "d1525a2a28c7f4fa0fc98bb91ae755d1e2d1505079e05539e35bc876b5d65ae9"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in /codex-rs (#3620) Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = &quot;0.3.20&quot; </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-subscriber&package-manager=cargo&previous-version=0.3.19&new-version=0.3.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:51:33 -07:00
"regex-automata",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
[[package]]
name = "matchit"
version = "0.8.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "47e1ffaa40ddd1f3ed91f717a33c8c0ee23fff369e3aa8772b9605cc1d22f4c3"
feat: introduce mcp-types crate (#787) This adds our own `mcp-types` crate to our Cargo workspace. We vendor in the [`2025-03-26/schema.json`](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/05f204513641c05bd78d056791af99c6c84520fa/schema/2025-03-26/schema.json) from the MCP repo and introduce a `generate_mcp_types.py` script to codegen the `lib.rs` from the JSON schema. Test coverage is currently light, but I plan to refine things as we start making use of this crate. And yes, I am aware that https://github.com/modelcontextprotocol/rust-sdk exists, though the published https://crates.io/crates/rmcp appears to be a competing effort. While things are up in the air, it seems better for us to control our own version of this code. Incidentally, Codex did a lot of the work for this PR. I told it to never edit `lib.rs` directly and instead to update `generate_mcp_types.py` and then re-run it to update `lib.rs`. It followed these instructions and once things were working end-to-end, I iteratively asked for changes to the tests until the API looked reasonable (and the code worked). Codex was responsible for figuring out what to do to `generate_mcp_types.py` to achieve the requested test/API changes.
2025-05-02 13:33:14 -07:00
[[package]]
name = "mcp-types"
Update submodules version to come from the workspace (#850) Tie the version of submodules to the workspace version.
2025-05-07 10:08:06 -07:00
version = "0.0.0"
feat: introduce mcp-types crate (#787) This adds our own `mcp-types` crate to our Cargo workspace. We vendor in the [`2025-03-26/schema.json`](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/05f204513641c05bd78d056791af99c6c84520fa/schema/2025-03-26/schema.json) from the MCP repo and introduce a `generate_mcp_types.py` script to codegen the `lib.rs` from the JSON schema. Test coverage is currently light, but I plan to refine things as we start making use of this crate. And yes, I am aware that https://github.com/modelcontextprotocol/rust-sdk exists, though the published https://crates.io/crates/rmcp appears to be a competing effort. While things are up in the air, it seems better for us to control our own version of this code. Incidentally, Codex did a lot of the work for this PR. I told it to never edit `lib.rs` directly and instead to update `generate_mcp_types.py` and then re-run it to update `lib.rs`. It followed these instructions and once things were working end-to-end, I iteratively asked for changes to the tests until the API looked reasonable (and the code worked). Codex was responsible for figuring out what to do to `generate_mcp_types.py` to achieve the requested test/API changes.
2025-05-02 13:33:14 -07:00
dependencies = [
Generate JSON schema for app-server protocol (#5063) Add annotations and an export script that let us generate app-server protocol types as typescript and JSONSchema. The script itself is a bit hacky because we need to manually label some of the types. Unfortunately it seems that enum variants don't get good names by default and end up with something like `EventMsg1`, `EventMsg2`, etc. I'm not an expert in this by any means, but since this is only run manually and we already need to enumerate the types required to describe the protocol, it didn't seem that much worse. An ideal solution here would be to have some kind of root that we could generate schemas for in one go, but I'm not sure if that's compatible with how we generate the protocol today.
2025-10-20 11:45:11 -07:00
"schemars 0.8.22",
feat: introduce mcp-types crate (#787) This adds our own `mcp-types` crate to our Cargo workspace. We vendor in the [`2025-03-26/schema.json`](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/05f204513641c05bd78d056791af99c6c84520fa/schema/2025-03-26/schema.json) from the MCP repo and introduce a `generate_mcp_types.py` script to codegen the `lib.rs` from the JSON schema. Test coverage is currently light, but I plan to refine things as we start making use of this crate. And yes, I am aware that https://github.com/modelcontextprotocol/rust-sdk exists, though the published https://crates.io/crates/rmcp appears to be a competing effort. While things are up in the air, it seems better for us to control our own version of this code. Incidentally, Codex did a lot of the work for this PR. I told it to never edit `lib.rs` directly and instead to update `generate_mcp_types.py` and then re-run it to update `lib.rs`. It followed these instructions and once things were working end-to-end, I iteratively asked for changes to the tests until the API looked reasonable (and the code worked). Codex was responsible for figuring out what to do to `generate_mcp_types.py` to achieve the requested test/API changes.
2025-05-02 13:33:14 -07:00
"serde",
"serde_json",
chore: add TS annotation to generated mcp-types (#2424) Adds the `TS` annotation from https://crates.io/crates/ts-rs to all types to facilitate codegen. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2424). * __->__ #2424 * #2423
2025-08-18 09:38:47 -07:00
"ts-rs",
feat: introduce mcp-types crate (#787) This adds our own `mcp-types` crate to our Cargo workspace. We vendor in the [`2025-03-26/schema.json`](https://github.com/modelcontextprotocol/modelcontextprotocol/blob/05f204513641c05bd78d056791af99c6c84520fa/schema/2025-03-26/schema.json) from the MCP repo and introduce a `generate_mcp_types.py` script to codegen the `lib.rs` from the JSON schema. Test coverage is currently light, but I plan to refine things as we start making use of this crate. And yes, I am aware that https://github.com/modelcontextprotocol/rust-sdk exists, though the published https://crates.io/crates/rmcp appears to be a competing effort. While things are up in the air, it seems better for us to control our own version of this code. Incidentally, Codex did a lot of the work for this PR. I told it to never edit `lib.rs` directly and instead to update `generate_mcp_types.py` and then re-run it to update `lib.rs`. It followed these instructions and once things were working end-to-end, I iteratively asked for changes to the tests until the API looked reasonable (and the code worked). Codex was responsible for figuring out what to do to `generate_mcp_types.py` to achieve the requested test/API changes.
2025-05-02 13:33:14 -07:00
]
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
[[package]]
name = "mcp_test_support"
version = "0.0.0"
dependencies = [
"anyhow",
"assert_cmd",
Set a user agent suffix when used as a mcp server (#3395) This automatically adds a user agent suffix whenever the CLI is used as a MCP server
2025-09-09 19:32:57 -07:00
"codex-core",
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
"codex-mcp-server",
Migrate coverage to shell_command (#7042)
2025-11-20 19:44:00 -08:00
"core_test_support",
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
"mcp-types",
Set a user agent suffix when used as a mcp server (#3395) This automatically adds a user agent suffix whenever the CLI is used as a MCP server
2025-09-09 19:32:57 -07:00
"os_info",
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
"pretty_assertions",
remove mcp-server/src/mcp_protocol.rs and the code that depends on it (#2360)
2025-08-18 00:29:18 -07:00
"serde",
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
"serde_json",
Migrate coverage to shell_command (#7042)
2025-11-20 19:44:00 -08:00
"shlex",
fix: create separate test_support crates to eliminate #[allow(dead_code)] (#1667) Because of a quirk of how implementation tests work in Rust, we had a number of `#[allow(dead_code)]` annotations that were misleading because the functions _were_ being used, just not by all integration tests in a `tests/` folder, so when compiling the test that did not use the function, clippy would complain that it was unused. This fixes things by create a "test_support" crate under the `tests/` folder that is imported as a dev dependency for the respective crate.
2025-07-24 12:19:46 -07:00
"tokio",
"wiremock",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "memchr"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "2.7.5"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "32a282da65faaf38286cf3be983213fcf1d2e2a58700e808f83f4ea9a4804bc0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "memoffset"
version = "0.6.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5aa361d4faea93603064a027415f07bd8e1d5c88c9fbf68bf56a285428fd79ce"
dependencies = [
"autocfg",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
name = "memoffset"
version = "0.9.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "488016bfae457b036d996092f6cb448677611ce4449e970ceaf42695203f218a"
dependencies = [
"autocfg",
]
[[package]]
name = "mime"
version = "0.3.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a"
[[package]]
name = "mime_guess"
version = "2.0.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f7c44f8e672c00fe5308fa235f821cb4198414e1c77935c1ab6948d3fd78550e"
dependencies = [
"mime",
"unicase",
]
[[package]]
name = "minimal-lexical"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a"
[[package]]
name = "miniz_oxide"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.8.9"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "1fa76a2c86f704bdb222d66965fb3d63269ce38518b83cb0575fca855ebb6316"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
dependencies = [
"adler2",
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
"simd-adler32",
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "mio"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "1.0.4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "78bed444cc8a2160f01cbcf811ef18cac863ad68ae8ca62092e8db51d51c761c"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"libc",
"log",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"wasi 0.11.1+wasi-snapshot-preview1",
"windows-sys 0.59.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
[[package]]
name = "moxcms"
version = "0.7.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ddd32fa8935aeadb8a8a6b6b351e40225570a37c43de67690383d87ef170cd08"
dependencies = [
"num-traits",
"pxfm",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "multimap"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.10.1"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "1d87ecb2933e8aeadb3e3a02b828fed80a7528047e68b4f424523a0981a3a084"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
dependencies = [
"serde",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "native-tls"
version = "0.2.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "87de3442987e9dbec73158d5c715e7ad9072fda936bb03d19d7fa10e00520f0e"
dependencies = [
"libc",
"log",
"openssl",
"openssl-probe",
"openssl-sys",
"schannel",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"security-framework 2.11.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"security-framework-sys",
"tempfile",
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "ndk-context"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "27b02d87554356db9e9a873add8782d4ea6e3e58ea071a9adb9a2e8ddb884a8b"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "new_debug_unreachable"
version = "1.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "650eef8c711430f1a879fdd01d4745a7deea475becfb90269c06775983bbf086"
[[package]]
name = "nibble_vec"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "77a5d83df9f36fe23f0c3648c6bbb8b0298bb5f1939c8f2704431371f4b84d43"
dependencies = [
"smallvec",
]
[[package]]
name = "nix"
version = "0.28.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ab2156c4fce2f8df6c499cc1c763e4394b7482525bf2a9701c9d79d215f519e4"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"cfg-if",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"cfg_aliases 0.1.1",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"libc",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "nix"
version = "0.29.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "71e2746dc3a24dd78b3cfcb7be93368c6de9963d30f43a6a73998a9cf4b17b46"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"cfg-if",
"cfg_aliases 0.2.1",
"libc",
"memoffset 0.9.1",
]
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
[[package]]
name = "nix"
version = "0.30.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "74523f3a35e05aba87a1d978330aef40f67b0304ac79c1c00b294c9830543db6"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"cfg-if",
"cfg_aliases 0.2.1",
"libc",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "nom"
version = "7.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d273983c5a657a70a3e8f2a01329822f3b8c8172b73826411a55751e404a0a4a"
dependencies = [
"memchr",
"minimal-lexical",
]
[[package]]
name = "normalize-line-endings"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "61807f77802ff30975e01f4f071c8ba10c022052f98b3294119f3e615d13e5be"
test: reduce time dependency on test harness (#5053) Tightened the CLI integration tests to stop relying on wall-clock sleeps—new fs watcher helper waits for session files instead of timing out, and SSE mocks/fixtures make the flows deterministic.
2025-10-15 09:56:59 +01:00
[[package]]
name = "notify"
version = "8.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4d3d07927151ff8575b7087f245456e549fea62edf0ec4e565a5ee50c8402bc3"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
test: reduce time dependency on test harness (#5053) Tightened the CLI integration tests to stop relying on wall-clock sleeps—new fs watcher helper waits for session files instead of timing out, and SSE mocks/fixtures make the flows deterministic.
2025-10-15 09:56:59 +01:00
"fsevent-sys",
"inotify",
"kqueue",
"libc",
"log",
"mio",
"notify-types",
"walkdir",
"windows-sys 0.60.2",
]
[[package]]
name = "notify-types"
version = "2.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5e0826a989adedc2a244799e823aece04662b66609d96af8dff7ac6df9a8925d"
Change the UI of apply patch (#1907) <img width="487" height="108" alt="image" src="https://github.com/user-attachments/assets/3f6ffd56-36f6-40bc-b999-64279705416a" /> --------- Co-authored-by: Gabriel Peal <gpeal@users.noreply.github.com>
2025-08-06 22:25:41 -07:00
[[package]]
name = "nu-ansi-term"
version = "0.50.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d4a28e057d01f97e61255210fcff094d74ed0466038633e95017f5beb68e4399"
dependencies = [
"windows-sys 0.52.0",
]
feat: standalone file search CLI (#1386) Standalone fuzzy filename search library that should be helpful in addressing https://github.com/openai/codex/issues/1261.
2025-06-25 13:29:03 -07:00
[[package]]
name = "nucleo-matcher"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bf33f538733d1a5a3494b836ba913207f14d9d4a1d3cd67030c5061bdd2cac85"
dependencies = [
"memchr",
"unicode-segmentation",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "num"
version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "35bd024e8b2ff75562e5f34e7f4905839deb4b22955ef5e73d2fea1b9813cb23"
dependencies = [
"num-bigint",
"num-complex",
"num-integer",
"num-iter",
"num-rational",
"num-traits",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "num-bigint"
version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a5e44f723f1133c9deac646763579fdb3ac745e418f2a7af9cd0c431da1f20b9"
dependencies = [
"num-integer",
"num-traits",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "num-complex"
version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "73f88a1307638156682bada9d7604135552957b7818057dcef22705b4d509495"
dependencies = [
"num-traits",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "num-conv"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "num-integer"
version = "0.1.46"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f"
dependencies = [
"num-traits",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "num-iter"
version = "0.1.45"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1429034a0490724d0075ebb2bc9e875d6503c3cf69e235a8941aa757d83ef5bf"
dependencies = [
"autocfg",
"num-integer",
"num-traits",
]
[[package]]
name = "num-rational"
version = "0.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f83d14da390562dca69fc84082e73e548e1ad308d24accdedd2720017cb37824"
dependencies = [
"num-bigint",
"num-integer",
"num-traits",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "num-traits"
version = "0.2.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "071dfc062690e90b734c0b2273ce72ad0ffa95f0c74596bc250dcfd960262841"
dependencies = [
"autocfg",
]
[[package]]
name = "num_cpus"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "1.17.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "91df4bbde75afed763b708b7eee1e8e7651e02d97f6d5dd763e89367e957b23b"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"hermit-abi",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"libc",
]
fix: tighten up some logic around session timestamps and ids (#922) * update `SessionConfigured` event to include the UUID for the session * show the UUID in the Rust TUI * use local timestamps in log files instead of UTC * include timestamps in log file names for easier discovery
2025-05-13 19:22:16 -07:00
[[package]]
name = "num_threads"
version = "0.1.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5c7398b9c8b70908f6371f47ed36737907c87c52af34c268fed0bf0ceb92ead9"
dependencies = [
"libc",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "oauth2"
version = "5.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "51e219e79014df21a225b1860a479e2dcd7cbd9130f4defd4bd0e191ea31d67d"
dependencies = [
"base64",
"chrono",
"getrandom 0.2.16",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"rand 0.8.5",
"reqwest",
"serde",
"serde_json",
"serde_path_to_error",
"sha2",
"thiserror 1.0.69",
"url",
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "objc2"
version = "0.6.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "561f357ba7f3a2a61563a186a163d0a3a5247e1089524a3981d49adb775078bc"
dependencies = [
"objc2-encode",
]
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
[[package]]
name = "objc2-app-kit"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e6f29f568bec459b0ddff777cec4fe3fd8666d82d5a40ebd0ff7e66134f89bcc"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
"objc2",
"objc2-core-graphics",
"objc2-foundation",
]
[[package]]
name = "objc2-core-foundation"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1c10c2894a6fed806ade6027bcd50662746363a9589d3ec9d9bef30a4e4bc166"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
"dispatch2",
"objc2",
]
[[package]]
name = "objc2-core-graphics"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "989c6c68c13021b5c2d6b71456ebb0f9dc78d752e86a98da7c716f4f9470f5a4"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
"dispatch2",
"objc2",
"objc2-core-foundation",
"objc2-io-surface",
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "objc2-encode"
version = "4.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ef25abbcd74fb2609453eb695bd2f860d389e457f67dc17cafc8b8cbc89d0c33"
[[package]]
name = "objc2-foundation"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "900831247d2fe1a09a683278e5384cfb8c80c79fe6b166f9d14bfdde0ea1b03c"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
"objc2",
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
"objc2-core-foundation",
]
[[package]]
name = "objc2-io-surface"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7282e9ac92529fa3457ce90ebb15f4ecbc383e8338060960760fa2cf75420c3c"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
"objc2",
"objc2-core-foundation",
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "object"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.36.7"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "62948e14d923ea95ea2c7c86c71013138b66525b86bdc08d2dcc262bdb497b87"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"memchr",
]
[[package]]
name = "once_cell"
version = "1.21.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
[[package]]
name = "once_cell_polyfill"
version = "1.70.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a4895175b425cb1f87721b59f0f286c2092bd4af812243672510e1ac53e2e0ad"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "openssl"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.10.73"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "8505734d46c8ab1e19a1dce3aef597ad87dcb4c37e7188231769bd6bd51cebf8"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"cfg-if",
"foreign-types",
"libc",
"once_cell",
"openssl-macros",
"openssl-sys",
]
[[package]]
name = "openssl-macros"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "openssl-probe"
version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e"
[[package]]
name = "openssl-src"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "300.5.1+3.5.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "735230c832b28c000e3bc117119e6466a663ec73506bc0a9907ea4187508e42a"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"cc",
]
[[package]]
name = "openssl-sys"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.9.109"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "90096e2e47630d78b7d1c20952dc621f957103f8bc2c8359ec81290d75238571"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"cc",
"libc",
"openssl-src",
"pkg-config",
"vcpkg",
]
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
[[package]]
name = "opentelemetry"
version = "0.30.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "aaf416e4cb72756655126f7dd7bb0af49c674f4c1b9903e80c009e0c37e552e6"
dependencies = [
"futures-core",
"futures-sink",
"js-sys",
"pin-project-lite",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"tracing",
]
[[package]]
name = "opentelemetry-appender-tracing"
version = "0.30.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e68f63eca5fad47e570e00e893094fc17be959c80c79a7d6ec1abdd5ae6ffc16"
dependencies = [
"opentelemetry",
"tracing",
"tracing-core",
"tracing-subscriber",
]
[[package]]
name = "opentelemetry-http"
version = "0.30.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "50f6639e842a97dbea8886e3439710ae463120091e2e064518ba8e716e6ac36d"
dependencies = [
"async-trait",
"bytes",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"opentelemetry",
"reqwest",
]
[[package]]
name = "opentelemetry-otlp"
version = "0.30.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dbee664a43e07615731afc539ca60c6d9f1a9425e25ca09c57bc36c87c55852b"
dependencies = [
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"opentelemetry",
"opentelemetry-http",
"opentelemetry-proto",
"opentelemetry_sdk",
"prost",
"reqwest",
"serde_json",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"tokio",
"tonic",
"tracing",
]
[[package]]
name = "opentelemetry-proto"
version = "0.30.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2e046fd7660710fe5a05e8748e70d9058dc15c94ba914e7c4faa7c728f0e8ddc"
dependencies = [
"base64",
"hex",
"opentelemetry",
"opentelemetry_sdk",
"prost",
"serde",
"tonic",
]
[[package]]
name = "opentelemetry-semantic-conventions"
version = "0.30.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "83d059a296a47436748557a353c5e6c5705b9470ef6c95cfc52c21a8814ddac2"
[[package]]
name = "opentelemetry_sdk"
version = "0.30.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "11f644aa9e5e31d11896e024305d7e3c98a88884d9f8919dbf37a9991bc47a4b"
dependencies = [
"futures-channel",
"futures-executor",
"futures-util",
"opentelemetry",
"percent-encoding",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"rand 0.9.2",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"serde_json",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"tokio",
"tokio-stream",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "option-ext"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "04744f49eae99ab78e0d5c0b603ab218f515ea8cfe5a456d7629ad883a3b6e7d"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "ordered-stream"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9aa2b01e1d916879f73a53d01d1d6cee68adbb31d6d9177a8cfce093cced1d50"
dependencies = [
"futures-core",
"pin-project-lite",
]
Set user-agent (#2230) Use the same well-defined value in all cases when sending user-agent header
2025-08-12 09:40:04 -07:00
[[package]]
name = "os_info"
version = "3.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d0e1ac5fde8d43c34139135df8ea9ee9465394b2d8d20f032d38998f64afffc3"
dependencies = [
"log",
"plist",
"serde",
"windows-sys 0.52.0",
]
Fix wayland image paste error (#4824) ## Summary - log and surface clipboard failures instead of silently ignoring them when `Ctrl+V` pastes an image (`paste_image_to_temp_png()` now feeds an error history cell) - enable `arboard`’s `wayland-data-control` feature so native Wayland sessions can deliver image data without XWayland - keep the success path unchanged: valid images still attach and show the `[image …]` placeholder as before Fixes #4818 --------- Co-authored-by: Eric Traut <etraut@openai.com> Co-authored-by: Jeremy Rose <172423086+nornagon-openai@users.noreply.github.com>
2025-11-10 19:35:30 -03:00
[[package]]
name = "os_pipe"
version = "1.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "db335f4760b14ead6290116f2427bf33a14d4f0617d49f78a246de10c1831224"
dependencies = [
"libc",
"windows-sys 0.59.0",
]
feat: improve output of exec subcommand (#719)
2025-04-29 09:59:35 -07:00
[[package]]
name = "owo-colors"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "4.2.2"
feat: improve output of exec subcommand (#719)
2025-04-29 09:59:35 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "48dd4f4a2c8405440fd0462561f0e5806bd0f77e86f51c761481bdd4018b545e"
cloud: status, diff, apply (#7614) Adds cli commands for getting the status of cloud tasks, and for getting/applying the diffs from same.
2025-12-05 13:39:23 -08:00
dependencies = [
"supports-color 2.1.0",
"supports-color 3.0.2",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "parking"
version = "2.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f38d5652c16fde515bb1ecef450ab0f6a219d619a7274976324d5e377f7dceba"
[[package]]
name = "parking_lot"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.12.4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "70d58bf43669b5795d1576d0641cfb6fbb2057bf629506267a92807158584a13"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"lock_api",
"parking_lot_core",
]
[[package]]
name = "parking_lot_core"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.9.11"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "bc838d2a56b5b1a6c25f55575dfc605fabb63bb2365f6c2353ef9159aa69e4a5"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"cfg-if",
"libc",
fix: remove dependency on expanduser crate (#667) In putting up https://github.com/openai/codex/pull/665, I discovered that the `expanduser` crate does not compile on Windows. Looking into it, we do not seem to need it because we were only using it with a value that was passed in via a command-line flag, so the shell expands `~` for us before we see it, anyway. (I changed the type in `Cli` from `String` to `PathBuf`, to boot.) If we do need this sort of functionality in the future, https://docs.rs/shellexpand/latest/shellexpand/fn.tilde.html seems promising.
2025-04-25 14:20:21 -07:00
"redox_syscall",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"smallvec",
"windows-targets 0.52.6",
]
[[package]]
name = "paste"
version = "1.0.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "57c0d7b74b563b49d38dae00a0c37d4d6de9b432382b2892f0574ddcae73fd0a"
chore: update to rmcp@0.10.0 to pick up support for custom client notifications (#7462) In https://github.com/openai/codex/pull/7112, I updated our `rmcp` dependency to point to a personal fork while I tried to upstream my proposed change. Now that https://github.com/modelcontextprotocol/rust-sdk/pull/556 has been upstreamed and included in the `0.10.0` release of the crate, we can go back to using the mainline release.
2025-12-01 14:01:50 -08:00
[[package]]
name = "pastey"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "57d6c094ee800037dff99e02cab0eaf3142826586742a270ab3d7a62656bd27a"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "path-absolutize"
version = "3.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e4af381fe79fa195b4909485d99f73a80792331df0625188e707854f0b3383f5"
dependencies = [
"path-dedot",
]
[[package]]
name = "path-dedot"
version = "3.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "07ba0ad7e047712414213ff67533e6dd477af0a4e1d14fb52343e53d30ea9397"
dependencies = [
"once_cell",
]
rework message styling (#2877) https://github.com/user-attachments/assets/cf07f62b-1895-44bb-b9c3-7a12032eb371
2025-09-02 10:29:58 -07:00
[[package]]
name = "pathdiff"
version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "df94ce210e5bc13cb6651479fa48d14f601d9858cfe0467f43ae157023b938d3"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
[[package]]
name = "pem-rfc7468"
version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412"
dependencies = [
"base64ct",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "percent-encoding"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "2.3.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "petgraph"
version = "0.6.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b4c5cc86750666a3ed20bdaf5ca2a0344f9c67674cae0515bec2da16fbaa47db"
dependencies = [
"fixedbitset",
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
"indexmap 2.12.0",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
[[package]]
name = "phf_shared"
version = "0.11.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "67eabc2ef2a60eb7faa00097bd1ffdb5bd28e62bf39990626a582201b7a754e5"
dependencies = [
"siphasher",
]
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
[[package]]
name = "pin-project"
version = "1.1.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "677f1add503faace112b9f1373e43e9e054bfdd22ff1a63c1bc485eaec6a6a8a"
dependencies = [
"pin-project-internal",
]
[[package]]
name = "pin-project-internal"
version = "1.1.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6e918e4ff8c4549eb882f14b3a4bc8c8bc93de829416eacf579f1207a8fbf861"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "pin-project-lite"
version = "0.2.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3b3cff922bd51709b605d9ead9aa71031d81447142d828eb4a6eba76fe619f9b"
[[package]]
name = "pin-utils"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "piper"
version = "0.2.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "96c8c490f422ef9a4efd2cb5b42b76c8613d7e7dfc1caf667b8a3350a5acc066"
dependencies = [
"atomic-waker",
"fastrand",
"futures-io",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "pkg-config"
version = "0.3.32"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7edddbd0b52d732b21ad9a5fab5c704c14cd949e5e9a1ec5929a24fded1b904c"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
[[package]]
name = "plist"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.7.4"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "3af6b589e163c5a788fab00ce0c0366f6efbb9959c2f9874b224936af7fce7e1"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
dependencies = [
feat: Run cargo shear during CI (#3338) Run cargo shear as part of the CI to ensure no unused dependencies
2025-09-08 18:05:08 -07:00
"base64",
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
"indexmap 2.12.0",
Add unified exec escalation handling and tests (#6492) Similar implementation to the shell tool
2025-11-11 08:19:35 -08:00
"quick-xml 0.38.0",
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
"serde",
"time",
]
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "png"
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
version = "0.18.0"
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
checksum = "97baced388464909d42d89643fe4361939af9b7ce7a31ee32a168f832a70f2a0"
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
"crc32fast",
"fdeflate",
"flate2",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"miniz_oxide",
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "polling"
version = "3.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5d0e4f59085d47d8241c88ead0f274e8a0cb551f3625263c05eb8dd897c34218"
dependencies = [
"cfg-if",
"concurrent-queue",
"hermit-abi",
"pin-project-lite",
"rustix 1.0.8",
"windows-sys 0.61.1",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "portable-atomic"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "1.11.1"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "f84267b20a16ea918e43c6a88433c2d54fa145c92a811b5b047ccbe153674483"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "portable-atomic-util"
version = "0.2.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d8a2f0d8d040d7848a709caf78912debcc3f33ee4b3cac47d73d1e1069e83507"
dependencies = [
"portable-atomic",
]
feat: StreamableShell with exec_command and write_stdin tools (#2574)
2025-08-22 18:10:55 -07:00
[[package]]
name = "portable-pty"
version = "0.9.0"
Vendor ConPtySystem (#7656) The repo we were depending on is very large and we need very small part of it. --------- Co-authored-by: Pavel <pavel@krymets.com>
2025-12-09 09:23:51 -08:00
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b4a596a2b3d2752d94f51fac2d4a96737b8705dddd311a32b9af47211f08671e"
feat: StreamableShell with exec_command and write_stdin tools (#2574)
2025-08-22 18:10:55 -07:00
dependencies = [
"anyhow",
"bitflags 1.3.2",
"downcast-rs",
"filedescriptor",
"lazy_static",
"libc",
"log",
Vendor ConPtySystem (#7656) The repo we were depending on is very large and we need very small part of it. --------- Co-authored-by: Pavel <pavel@krymets.com>
2025-12-09 09:23:51 -08:00
"nix 0.28.0",
feat: StreamableShell with exec_command and write_stdin tools (#2574)
2025-08-22 18:10:55 -07:00
"serial2",
"shared_library",
"shell-words",
"winapi",
"winreg",
]
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
[[package]]
name = "potential_utf"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "0.1.4"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "b73949432f5e2a09657003c25bca5e19a0e9c84f8058ca374f49e0ebe605af77"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
dependencies = [
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
"serde_core",
"writeable",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"zerovec",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "powerfmt"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "439ee305def115ba05938db6eb1644ff94165c5ab5e9420d1c1bcedbba909391"
[[package]]
name = "ppv-lite86"
version = "0.2.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "85eae3c4ed2f50dcfe72643da4befc30deadb458a9b590d720cde2f2b1e97da9"
dependencies = [
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"zerocopy",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "precomputed-hash"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "925383efa346730478fb4838dbe9137d2a47675ad789c546d150a6e1dd4ab31c"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "predicates"
version = "3.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a5d19ee57562043d37e82899fade9a22ebab7be9cef5026b07fda9cdd4293573"
dependencies = [
"anstyle",
"difflib",
"float-cmp",
"normalize-line-endings",
"predicates-core",
"regex",
]
[[package]]
name = "predicates-core"
version = "1.0.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "727e462b119fe9c93fd0eb1429a5f7647394014cf3c04ab2c0350eeb09095ffa"
[[package]]
name = "predicates-tree"
version = "1.0.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "72dd2d6d381dfb73a193c7fca536518d7caee39fc8503f74e7dc0be0531b425c"
dependencies = [
"predicates-core",
"termtree",
]
[[package]]
name = "pretty_assertions"
version = "1.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3ae130e2f271fbc2ac3a40fb1d07180839cdbbe443c7a27e1e3c13c5cac0116d"
dependencies = [
"diff",
"yansi",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "proc-macro-crate"
version = "3.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "219cb19e96be00ab2e37d6e299658a0cfa83e52429179969b0f0121b4ac46983"
dependencies = [
"toml_edit",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "proc-macro2"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.0.95"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "02b3e5e68a3a1a02aad3ec490a98007cbc13c37cbe84a3cd7b8e406d76e7f778"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"unicode-ident",
]
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
[[package]]
name = "process-wrap"
chore: upgrade rmcp crate from 0.10.0 to 0.12.0 (#8288) Version `0.12.0` includes https://github.com/modelcontextprotocol/rust-sdk/pull/590, which I will use in https://github.com/openai/codex/pull/8142. Changes: - `rmcp::model::CustomClientNotification` was renamed to `rmcp::model::CustomNotification` - a bunch of types have a `meta` field now, but it is `Option`, so I added `meta: None` to a bunch of things
2025-12-18 14:28:46 -08:00
version = "9.0.0"
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore: upgrade rmcp crate from 0.10.0 to 0.12.0 (#8288) Version `0.12.0` includes https://github.com/modelcontextprotocol/rust-sdk/pull/590, which I will use in https://github.com/openai/codex/pull/8142. Changes: - `rmcp::model::CustomClientNotification` was renamed to `rmcp::model::CustomNotification` - a bunch of types have a `meta` field now, but it is `Option`, so I added `meta: None` to a bunch of things
2025-12-18 14:28:46 -08:00
checksum = "5e5fd83ab7fa55fd06f5e665e3fc52b8bca451c0486b8ea60ad649cd1c10a5da"
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
dependencies = [
"futures",
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
"indexmap 2.12.0",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"nix 0.30.1",
"tokio",
"tracing",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"windows 0.61.3",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
]
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
[[package]]
name = "prost"
version = "0.13.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2796faa41db3ec313a31f7624d9286acf277b52de526150b7e69f3debf891ee5"
dependencies = [
"bytes",
"prost-derive",
]
[[package]]
name = "prost-derive"
version = "0.13.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8a56d757972c98b346a9b766e3f02746cde6dd1cd1d1d563472929fdd74bec4d"
dependencies = [
"anyhow",
"itertools 0.14.0",
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
]
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
[[package]]
name = "pulldown-cmark"
replace tui_markdown with a custom markdown renderer (#3396) Also, simplify the streaming behavior. This fixes a number of display issues with streaming markdown, and paves the way for better markdown features (e.g. customizable styles, syntax highlighting, markdown-aware wrapping). Not currently supported: - footnotes - tables - reference-style links
2025-09-10 12:13:53 -07:00
version = "0.10.3"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
replace tui_markdown with a custom markdown renderer (#3396) Also, simplify the streaming behavior. This fixes a number of display issues with streaming markdown, and paves the way for better markdown features (e.g. customizable styles, syntax highlighting, markdown-aware wrapping). Not currently supported: - footnotes - tables - reference-style links
2025-09-10 12:13:53 -07:00
checksum = "76979bea66e7875e7509c4ec5300112b316af87fa7a252ca91c448b32dfe3993"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
"getopts",
"memchr",
"pulldown-cmark-escape",
"unicase",
]
[[package]]
name = "pulldown-cmark-escape"
replace tui_markdown with a custom markdown renderer (#3396) Also, simplify the streaming behavior. This fixes a number of display issues with streaming markdown, and paves the way for better markdown features (e.g. customizable styles, syntax highlighting, markdown-aware wrapping). Not currently supported: - footnotes - tables - reference-style links
2025-09-10 12:13:53 -07:00
version = "0.10.1"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
replace tui_markdown with a custom markdown renderer (#3396) Also, simplify the streaming behavior. This fixes a number of display issues with streaming markdown, and paves the way for better markdown features (e.g. customizable styles, syntax highlighting, markdown-aware wrapping). Not currently supported: - footnotes - tables - reference-style links
2025-09-10 12:13:53 -07:00
checksum = "bd348ff538bc9caeda7ee8cad2d1d48236a1f443c1fa3913c6a02fe0043b1dd3"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
[[package]]
name = "pxfm"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.1.23"
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "f55f4fedc84ed39cb7a489322318976425e42a147e2be79d8f878e2884f94e84"
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
dependencies = [
"num-traits",
]
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "quick-error"
version = "2.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a993555f31e5a609f617c12db6250dedcac1b0a85076912c436e6fc9b2c8e6a3"
Fix wayland image paste error (#4824) ## Summary - log and surface clipboard failures instead of silently ignoring them when `Ctrl+V` pastes an image (`paste_image_to_temp_png()` now feeds an error history cell) - enable `arboard`’s `wayland-data-control` feature so native Wayland sessions can deliver image data without XWayland - keep the success path unchanged: valid images still attach and show the `[image …]` placeholder as before Fixes #4818 --------- Co-authored-by: Eric Traut <etraut@openai.com> Co-authored-by: Jeremy Rose <172423086+nornagon-openai@users.noreply.github.com>
2025-11-10 19:35:30 -03:00
[[package]]
name = "quick-xml"
version = "0.37.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "331e97a1af0bf59823e6eadffe373d7b27f485be8748f71471c662c1f269b7fb"
dependencies = [
"memchr",
]
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
[[package]]
name = "quick-xml"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.38.0"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "8927b0664f5c5a98265138b7e3f90aa19a6b21353182469ace36d4ac527b7b1b"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
dependencies = [
"memchr",
]
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
[[package]]
name = "quinn"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.11.9"
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "b9e20a958963c291dc322d98411f541009df2ced7b5a4f2bd52337638cfccf20"
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
dependencies = [
"bytes",
"cfg_aliases 0.2.1",
"pin-project-lite",
"quinn-proto",
"quinn-udp",
Delete tiktoken-rs (#7018)
2025-11-20 11:15:04 -08:00
"rustc-hash",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"rustls",
Support SYSTEM skills. (#8220) 1. Remove PUBLIC skills and introduce SYSTEM skills embedded in the binary and installed into $CODEX_HOME/skills/.system at startup. 2. Skills are now always enabled (feature flag removed). 3. Update skills/list to accept forceReload and plumb it through (not used by clients yet).
2025-12-17 18:48:28 -08:00
"socket2 0.6.1",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"tokio",
"tracing",
"web-time",
]
[[package]]
name = "quinn-proto"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.11.13"
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "f1906b49b0c3bc04b5fe5d86a77925ae6524a19b816ae38ce1e426255f1d8a31"
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
dependencies = [
"bytes",
"getrandom 0.3.3",
"lru-slab",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"rand 0.9.2",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"ring",
Delete tiktoken-rs (#7018)
2025-11-20 11:15:04 -08:00
"rustc-hash",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"rustls",
"rustls-pki-types",
"slab",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"tinyvec",
"tracing",
"web-time",
]
[[package]]
name = "quinn-udp"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.5.14"
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "addec6a0dcad8a8d96a771f815f0eaf55f9d1805756410b39f5fa81332574cbd"
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
dependencies = [
"cfg_aliases 0.2.1",
"libc",
"once_cell",
Support SYSTEM skills. (#8220) 1. Remove PUBLIC skills and introduce SYSTEM skills embedded in the binary and installed into $CODEX_HOME/skills/.system at startup. 2. Skills are now always enabled (feature flag removed). 3. Update skills/list to accept forceReload and plumb it through (not used by clients yet).
2025-12-17 18:48:28 -08:00
"socket2 0.6.1",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"tracing",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"windows-sys 0.60.2",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "quote"
version = "1.0.40"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1885c039570dc00dcb4ff087a89e185fd56bae234ddc7f056a945bf36467248d"
dependencies = [
"proc-macro2",
]
[[package]]
name = "r-efi"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "5.3.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "69cdb34c158ceb288df11e18b4bd39de994f6657d83847bdffdbd7f346754b0f"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "radix_trie"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c069c179fcdc6a2fe24d8d18305cf085fdbd4f922c041943e203685d6a1c58fd"
dependencies = [
"endian-type",
"nibble_vec",
]
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
[[package]]
name = "rand"
version = "0.8.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
dependencies = [
"libc",
"rand_chacha 0.3.1",
"rand_core 0.6.4",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "rand"
chore(deps): bump rand from 0.9.1 to 0.9.2 in /codex-rs (#1637) Bumps [rand](https://github.com/rust-random/rand) from 0.9.1 to 0.9.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-random/rand/blob/master/CHANGELOG.md">rand's changelog</a>.</em></p> <blockquote> <h2>[0.9.2 — 2025-07-20]</h2> <h3>Deprecated</h3> <ul> <li>Deprecate <code>rand::rngs::mock</code> module and <code>StepRng</code> generator (<a href="https://redirect.github.com/rust-random/rand/issues/1634">#1634</a>)</li> </ul> <h3>Additions</h3> <ul> <li>Enable <code>WeightedIndex&lt;usize&gt;</code> (de)serialization (<a href="https://redirect.github.com/rust-random/rand/issues/1646">#1646</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-random/rand/commit/d3dd4157052e5431ce42e157b544968560a68b95"><code>d3dd415</code></a> Prepare rand_core 0.9.2 (<a href="https://redirect.github.com/rust-random/rand/issues/1605">#1605</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/99fabd20e9b39d0af7c2ed6c31dbcad83a1703fd"><code>99fabd2</code></a> Prepare rand_core 0.9.2</li> <li><a href="https://github.com/rust-random/rand/commit/c7fe1c43b5ba53aacad5fbac94a8b88788564049"><code>c7fe1c4</code></a> rand: re-export <code>rand_core</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1604">#1604</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/db2b1e0bb41b0a1435b9fecaa1b7bdb531183204"><code>db2b1e0</code></a> rand: re-export <code>rand_core</code></li> <li><a href="https://github.com/rust-random/rand/commit/ee1d96f9f527dbe6f873c8a5ccf47d60a6b8f7b7"><code>ee1d96f</code></a> rand_core: implement reborrow for <code>UnwrapMut</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1595">#1595</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/e0eb2ee0fcc0b07afb901465f4a8ba7f07128f87"><code>e0eb2ee</code></a> rand_core: implement reborrow for <code>UnwrapMut</code></li> <li><a href="https://github.com/rust-random/rand/commit/975f602f5dbbdab0a024e0c5e8b527907426bd8c"><code>975f602</code></a> fixup clippy 1.85 warnings</li> <li><a href="https://github.com/rust-random/rand/commit/775b05be1b8a4fdef17c6601cd223551fbf67edc"><code>775b05b</code></a> Relax <code>Sized</code> requirements for blanket impls (<a href="https://redirect.github.com/rust-random/rand/issues/1593">#1593</a>)</li> <li>See full diff in <a href="https://github.com/rust-random/rand/compare/rand_core-0.9.1...rand_core-0.9.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rand&package-manager=cargo&previous-version=0.9.1&new-version=0.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-23 15:36:08 -07:00
version = "0.9.2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump rand from 0.9.1 to 0.9.2 in /codex-rs (#1637) Bumps [rand](https://github.com/rust-random/rand) from 0.9.1 to 0.9.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-random/rand/blob/master/CHANGELOG.md">rand's changelog</a>.</em></p> <blockquote> <h2>[0.9.2 — 2025-07-20]</h2> <h3>Deprecated</h3> <ul> <li>Deprecate <code>rand::rngs::mock</code> module and <code>StepRng</code> generator (<a href="https://redirect.github.com/rust-random/rand/issues/1634">#1634</a>)</li> </ul> <h3>Additions</h3> <ul> <li>Enable <code>WeightedIndex&lt;usize&gt;</code> (de)serialization (<a href="https://redirect.github.com/rust-random/rand/issues/1646">#1646</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-random/rand/commit/d3dd4157052e5431ce42e157b544968560a68b95"><code>d3dd415</code></a> Prepare rand_core 0.9.2 (<a href="https://redirect.github.com/rust-random/rand/issues/1605">#1605</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/99fabd20e9b39d0af7c2ed6c31dbcad83a1703fd"><code>99fabd2</code></a> Prepare rand_core 0.9.2</li> <li><a href="https://github.com/rust-random/rand/commit/c7fe1c43b5ba53aacad5fbac94a8b88788564049"><code>c7fe1c4</code></a> rand: re-export <code>rand_core</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1604">#1604</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/db2b1e0bb41b0a1435b9fecaa1b7bdb531183204"><code>db2b1e0</code></a> rand: re-export <code>rand_core</code></li> <li><a href="https://github.com/rust-random/rand/commit/ee1d96f9f527dbe6f873c8a5ccf47d60a6b8f7b7"><code>ee1d96f</code></a> rand_core: implement reborrow for <code>UnwrapMut</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1595">#1595</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/e0eb2ee0fcc0b07afb901465f4a8ba7f07128f87"><code>e0eb2ee</code></a> rand_core: implement reborrow for <code>UnwrapMut</code></li> <li><a href="https://github.com/rust-random/rand/commit/975f602f5dbbdab0a024e0c5e8b527907426bd8c"><code>975f602</code></a> fixup clippy 1.85 warnings</li> <li><a href="https://github.com/rust-random/rand/commit/775b05be1b8a4fdef17c6601cd223551fbf67edc"><code>775b05b</code></a> Relax <code>Sized</code> requirements for blanket impls (<a href="https://redirect.github.com/rust-random/rand/issues/1593">#1593</a>)</li> <li>See full diff in <a href="https://github.com/rust-random/rand/compare/rand_core-0.9.1...rand_core-0.9.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=rand&package-manager=cargo&previous-version=0.9.1&new-version=0.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-23 15:36:08 -07:00
checksum = "6db2770f06117d490610c7488547d543617b21bfa07796d7a12f6f1bd53850d1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"rand_chacha 0.9.0",
"rand_core 0.9.3",
]
[[package]]
name = "rand_chacha"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
dependencies = [
"ppv-lite86",
"rand_core 0.6.4",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "rand_chacha"
version = "0.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d3022b5f1df60f26e1ffddd6c66e8aa15de382ae63b3a0c1bfc0e4d3e3f325cb"
dependencies = [
"ppv-lite86",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"rand_core 0.9.3",
]
[[package]]
name = "rand_core"
version = "0.6.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c"
dependencies = [
"getrandom 0.2.16",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "rand_core"
version = "0.9.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "99d9a13982dcf210057a8a78572b2217b667c3beacbf3a0d8b454f6f82837d38"
dependencies = [
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"getrandom 0.3.3",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "ratatui"
version = "0.29.0"
Stream model responses (#1810) Stream models thoughts and responses instead of waiting for the whole thing to come through. Very rough right now, but I'm making the risk call to push through.
2025-08-04 21:23:22 -07:00
source = "git+https://github.com/nornagon/ratatui?branch=nornagon-v0.29.0-patch#9b2ad1298408c45918ee9f8241a6f95498cdbed2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"cassowary",
"compact_str",
"crossterm",
"indoc",
"instability",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"itertools 0.13.0",
chore(deps): bump lru from 0.12.5 to 0.16.2 in /codex-rs (#8045) Bumps [lru](https://github.com/jeromefroe/lru-rs) from 0.12.5 to 0.16.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jeromefroe/lru-rs/blob/master/CHANGELOG.md">lru's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.2">v0.16.2</a> - 2025-10-14</h2> <ul> <li>Upgrade hashbrown dependency to 0.16.0.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.1">v0.16.1</a> - 2025-09-08</h2> <ul> <li>Fix <code>Clone</code> for unbounded cache.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.16.0">v0.16.0</a> - 2025-07-02</h2> <ul> <li>Implement <code>Clone</code> for caches with custom hashers.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.15.0">v0.15.0</a> - 2025-06-26</h2> <ul> <li>Return bool from <code>promote</code> and <code>demote</code> to indicate whether key was found.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.14.0">v0.14.0</a> - 2025-04-12</h2> <ul> <li>Use <code>NonZeroUsize::MAX</code> instead of <code>unwrap()</code>, and update MSRV to 1.70.0.</li> </ul> <h2><a href="https://github.com/jeromefroe/lru-rs/tree/0.13.0">v0.13.0</a> - 2025-01-27</h2> <ul> <li>Add <code>peek_mru</code> and <code>pop_mru</code> methods, upgrade dependency on <code>hashbrown</code> to 0.15.2, and update MSRV to 1.65.0.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jeromefroe/lru-rs/commit/c1f843ded02d718138483df6ed8da4961accc201"><code>c1f843d</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/223">#223</a> from jeromefroe/jerome/prepare-0-16-2-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/fc4f30953e75e4315d9d965a3e4b7f0968788d2a"><code>fc4f309</code></a> Prepare 0.16.2 release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/e91ea2bd85eabfc0769f1117bbba22699e766cb0"><code>e91ea2b</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/222">#222</a> from torokati44/hashbrown-0.16</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/90d05feff3d795016c4f5a2e44215b35ee5816f7"><code>90d05fe</code></a> Update hashbrown to 0.16</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/c699209232539c72035d942888750878e590ab46"><code>c699209</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/220">#220</a> from jeromefroe/jerome/prepare-0-16-1-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/2bd820703080f0ee840dce10e7bd447fa8d2c83d"><code>2bd8207</code></a> Prepare 0.16.1 release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/1b21bf1c5917e172edbfd0f5f87b2f6d94130724"><code>1b21bf1</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/219">#219</a> from wqfish/bk</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/3ec42b6369082c00da2836fe033db20cb52a36fc"><code>3ec42b6</code></a> Fix clone implementation for unbounded cache</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/e2e3e47c33386672fc715deabf3494b071b8d04c"><code>e2e3e47</code></a> Merge pull request <a href="https://redirect.github.com/jeromefroe/lru-rs/issues/218">#218</a> from jeromefroe/jerome/prepare-0-16-0-release</li> <li><a href="https://github.com/jeromefroe/lru-rs/commit/17fe4f328aa4149814849ede11c283ff7ee27d31"><code>17fe4f3</code></a> Prepare 0.16.0 release</li> <li>Additional commits viewable in <a href="https://github.com/jeromefroe/lru-rs/compare/0.12.5...0.16.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=lru&package-manager=cargo&previous-version=0.12.5&new-version=0.16.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:32:15 -08:00
"lru 0.12.5",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"paste",
feat: add support for commands in the Rust TUI (#935) Introduces support for slash commands like in the TypeScript CLI. We do not support the full set of commands yet, but the core abstraction is there now. In particular, we have a `SlashCommand` enum and due to thoughtful use of the [strum](https://crates.io/crates/strum) crate, it requires minimal boilerplate to add a new command to the list. The key new piece of UI is `CommandPopup`, though the keyboard events are still handled by `ChatComposer`. The behavior is roughly as follows: * if the first character in the composer is `/`, the command popup is displayed (if you really want to send a message to Codex that starts with a `/`, simply put a space before the `/`) * while the popup is displayed, up/down can be used to change the selection of the popup * if there is a selection, hitting tab completes the command, but does not send it * if there is a selection, hitting enter sends the command * if the prefix of the composer matches a command, the command will be visible in the popup so the user can see the description (commands could take arguments, so additional text may appear after the command name itself) https://github.com/user-attachments/assets/39c3e6ee-eeb7-4ef7-a911-466d8184975f Incidentally, Codex wrote almost all the code for this PR!
2025-05-14 12:55:49 -07:00
"strum 0.26.3",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"unicode-segmentation",
"unicode-truncate",
Stream model responses (#1810) Stream models thoughts and responses instead of waiting for the whole thing to come through. Very rough right now, but I'm making the risk call to push through.
2025-08-04 21:23:22 -07:00
"unicode-width 0.2.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
fix terminal corruption that could happen when onboarding and update banner (#5269) Instead of printing characters before booting the app, make the upgrade banner a history cell so it's well-behaved. <img width="771" height="586" alt="Screenshot 2025-10-16 at 4 20 51 PM" src="https://github.com/user-attachments/assets/90629d47-2c3d-4970-a826-283795ab34e5" /> --------- Co-authored-by: Josh McKinney <joshka@openai.com>
2025-10-20 14:40:14 -07:00
[[package]]
name = "ratatui-macros"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6fef540f80dbe8a0773266fa6077788ceb65ef624cdbf36e131aaf90b4a52df4"
dependencies = [
"ratatui",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "redox_syscall"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.5.15"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "7e8af0dde094006011e6a740d4879319439489813bd0bcdc7d821beaeeff48ec"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "redox_users"
version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba009ff324d1fc1b900bd1fdb31564febe58a8ccc8a6fdbb93b543d33b13ca43"
dependencies = [
"getrandom 0.2.16",
"libredox",
"thiserror 1.0.69",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "redox_users"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.5.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "dd6f9d3d47bdd2ad6945c5015a226ec6155d0bcdfd8f7cd29f86b71f8de99d2b"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"getrandom 0.2.16",
"libredox",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "ref-cast"
version = "1.0.24"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4a0ae411dbe946a674d89546582cea4ba2bb8defac896622d6496f14c23ba5cf"
dependencies = [
"ref-cast-impl",
]
[[package]]
name = "ref-cast-impl"
version = "1.0.24"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1165225c21bff1f3bbce98f5a1f889949bc902d3575308cc7b0de30b4f6d27c7"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "regex"
chore(deps): bump regex from 1.11.1 to 1.12.2 in /codex-rs (#7222) Bumps [regex](https://github.com/rust-lang/regex) from 1.11.1 to 1.12.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's changelog</a>.</em></p> <blockquote> <h1>1.12.2 (2025-10-13)</h1> <p>This release fixes a <code>cargo doc</code> breakage on nightly when <code>--cfg docsrs</code> is enabled. This caused documentation to fail to build on docs.rs.</p> <p>Bug fixes:</p> <ul> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1305">#1305</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1305">rust-lang/regex#1305</a>): Switches the <code>doc_auto_cfg</code> feature to <code>doc_cfg</code> on nightly for docs.rs builds.</li> </ul> <h1>1.12.1 (2025-10-10)</h1> <p>This release makes a bug fix in the new <code>regex::Captures::get_match</code> API introduced in <code>1.12.0</code>. There was an oversight with the lifetime parameter for the <code>Match</code> returned. This is technically a breaking change, but given that it was caught almost immediately and I've yanked the <code>1.12.0</code> release, I think this is fine.</p> <h1>1.12.0 (2025-10-10)</h1> <p>This release contains a smattering of bug fixes, a fix for excessive memory consumption in some cases and a new <code>regex::Captures::get_match</code> API.</p> <p>Improvements:</p> <ul> <li>[FEATURE <a href="https://redirect.github.com/rust-lang/regex/issues/1146">#1146</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1146">rust-lang/regex#1146</a>): Add <code>Capture::get_match</code> for returning the overall match without <code>unwrap()</code>.</li> </ul> <p>Bug fixes:</p> <ul> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1083">#1083</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1083">rust-lang/regex#1083</a>): Fixes a panic in the lazy DFA (can only occur for especially large regexes).</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1116">#1116</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1116">rust-lang/regex#1116</a>): Fixes a memory usage regression for large regexes (introduced in <code>regex 1.9</code>).</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1195">#1195</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1195">rust-lang/regex#1195</a>): Fix universal start states in sparse DFA.</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1295">#1295</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/1295">rust-lang/regex#1295</a>): Fixes a panic when deserializing a corrupted dense DFA.</li> <li><a href="https://github.com/rust-lang/regex/commit/8f5d9479d0f1da5726488a530d7fd66a73d05b80">BUG 8f5d9479</a>: Make <code>regex_automata::meta::Regex::find</code> consistently return <code>None</code> when <code>WhichCaptures::None</code> is used.</li> </ul> <h1>1.11.3 (2025-09-25)</h1> <p>This is a small patch release with an improvement in memory usage in some cases.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/regex/commit/5ea3eb1e95f0338e283f5f0b4681f0891a1cd836"><code>5ea3eb1</code></a> 1.12.2</li> <li><a href="https://github.com/rust-lang/regex/commit/ab0b07171b82d1d4fdc8359505d12b2e818514d4"><code>ab0b071</code></a> regex-automata-0.4.13</li> <li><a href="https://github.com/rust-lang/regex/commit/691d51457db276bbdf9ca3de2cafe285c662c59f"><code>691d514</code></a> regex-syntax-0.8.8</li> <li><a href="https://github.com/rust-lang/regex/commit/1dd90777791dbc6bbf389157d05ac8176c6ad051"><code>1dd9077</code></a> docs: swap <code>doc_auto_cfg</code> with <code>doc_cfg</code></li> <li><a href="https://github.com/rust-lang/regex/commit/0089034cb37b0bf3785f2e0211f7eca74033f4d1"><code>0089034</code></a> regex-cli-0.2.3</li> <li><a href="https://github.com/rust-lang/regex/commit/140f8949da3f575490bac80ff23dfc29458b82c7"><code>140f894</code></a> regex-lite-0.1.8</li> <li><a href="https://github.com/rust-lang/regex/commit/27d6d65263cb80266a62e3189408a44f201a0975"><code>27d6d65</code></a> 1.12.1</li> <li><a href="https://github.com/rust-lang/regex/commit/85398ad5002048bbeaa90f1fe37fbb31df2bc0d6"><code>85398ad</code></a> changelog: 1.12.1</li> <li><a href="https://github.com/rust-lang/regex/commit/764efbd305d3a7b817ec8892ff0a656ec657d660"><code>764efbd</code></a> api: tweak the lifetime of <code>Captures::get_match</code></li> <li><a href="https://github.com/rust-lang/regex/commit/ee6aa55e01786e4d2c11eb1be805835bbb3bfa99"><code>ee6aa55</code></a> rure-0.2.4</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/regex/compare/1.11.1...1.12.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex&package-manager=cargo&previous-version=1.11.1&new-version=1.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:43:57 -08:00
version = "1.12.2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump regex from 1.11.1 to 1.12.2 in /codex-rs (#7222) Bumps [regex](https://github.com/rust-lang/regex) from 1.11.1 to 1.12.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's changelog</a>.</em></p> <blockquote> <h1>1.12.2 (2025-10-13)</h1> <p>This release fixes a <code>cargo doc</code> breakage on nightly when <code>--cfg docsrs</code> is enabled. This caused documentation to fail to build on docs.rs.</p> <p>Bug fixes:</p> <ul> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1305">#1305</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1305">rust-lang/regex#1305</a>): Switches the <code>doc_auto_cfg</code> feature to <code>doc_cfg</code> on nightly for docs.rs builds.</li> </ul> <h1>1.12.1 (2025-10-10)</h1> <p>This release makes a bug fix in the new <code>regex::Captures::get_match</code> API introduced in <code>1.12.0</code>. There was an oversight with the lifetime parameter for the <code>Match</code> returned. This is technically a breaking change, but given that it was caught almost immediately and I've yanked the <code>1.12.0</code> release, I think this is fine.</p> <h1>1.12.0 (2025-10-10)</h1> <p>This release contains a smattering of bug fixes, a fix for excessive memory consumption in some cases and a new <code>regex::Captures::get_match</code> API.</p> <p>Improvements:</p> <ul> <li>[FEATURE <a href="https://redirect.github.com/rust-lang/regex/issues/1146">#1146</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1146">rust-lang/regex#1146</a>): Add <code>Capture::get_match</code> for returning the overall match without <code>unwrap()</code>.</li> </ul> <p>Bug fixes:</p> <ul> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1083">#1083</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1083">rust-lang/regex#1083</a>): Fixes a panic in the lazy DFA (can only occur for especially large regexes).</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1116">#1116</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1116">rust-lang/regex#1116</a>): Fixes a memory usage regression for large regexes (introduced in <code>regex 1.9</code>).</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1195">#1195</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1195">rust-lang/regex#1195</a>): Fix universal start states in sparse DFA.</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1295">#1295</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/1295">rust-lang/regex#1295</a>): Fixes a panic when deserializing a corrupted dense DFA.</li> <li><a href="https://github.com/rust-lang/regex/commit/8f5d9479d0f1da5726488a530d7fd66a73d05b80">BUG 8f5d9479</a>: Make <code>regex_automata::meta::Regex::find</code> consistently return <code>None</code> when <code>WhichCaptures::None</code> is used.</li> </ul> <h1>1.11.3 (2025-09-25)</h1> <p>This is a small patch release with an improvement in memory usage in some cases.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/regex/commit/5ea3eb1e95f0338e283f5f0b4681f0891a1cd836"><code>5ea3eb1</code></a> 1.12.2</li> <li><a href="https://github.com/rust-lang/regex/commit/ab0b07171b82d1d4fdc8359505d12b2e818514d4"><code>ab0b071</code></a> regex-automata-0.4.13</li> <li><a href="https://github.com/rust-lang/regex/commit/691d51457db276bbdf9ca3de2cafe285c662c59f"><code>691d514</code></a> regex-syntax-0.8.8</li> <li><a href="https://github.com/rust-lang/regex/commit/1dd90777791dbc6bbf389157d05ac8176c6ad051"><code>1dd9077</code></a> docs: swap <code>doc_auto_cfg</code> with <code>doc_cfg</code></li> <li><a href="https://github.com/rust-lang/regex/commit/0089034cb37b0bf3785f2e0211f7eca74033f4d1"><code>0089034</code></a> regex-cli-0.2.3</li> <li><a href="https://github.com/rust-lang/regex/commit/140f8949da3f575490bac80ff23dfc29458b82c7"><code>140f894</code></a> regex-lite-0.1.8</li> <li><a href="https://github.com/rust-lang/regex/commit/27d6d65263cb80266a62e3189408a44f201a0975"><code>27d6d65</code></a> 1.12.1</li> <li><a href="https://github.com/rust-lang/regex/commit/85398ad5002048bbeaa90f1fe37fbb31df2bc0d6"><code>85398ad</code></a> changelog: 1.12.1</li> <li><a href="https://github.com/rust-lang/regex/commit/764efbd305d3a7b817ec8892ff0a656ec657d660"><code>764efbd</code></a> api: tweak the lifetime of <code>Captures::get_match</code></li> <li><a href="https://github.com/rust-lang/regex/commit/ee6aa55e01786e4d2c11eb1be805835bbb3bfa99"><code>ee6aa55</code></a> rure-0.2.4</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/regex/compare/1.11.1...1.12.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex&package-manager=cargo&previous-version=1.11.1&new-version=1.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:43:57 -08:00
checksum = "843bc0191f75f3e22651ae5f1e72939ab2f72a4bc30fa80a066bd66edefc24d4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"aho-corasick",
"memchr",
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in /codex-rs (#3620) Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = &quot;0.3.20&quot; </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-subscriber&package-manager=cargo&previous-version=0.3.19&new-version=0.3.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:51:33 -07:00
"regex-automata",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"regex-syntax 0.8.5",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "regex-automata"
chore(deps): bump regex from 1.11.1 to 1.12.2 in /codex-rs (#7222) Bumps [regex](https://github.com/rust-lang/regex) from 1.11.1 to 1.12.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's changelog</a>.</em></p> <blockquote> <h1>1.12.2 (2025-10-13)</h1> <p>This release fixes a <code>cargo doc</code> breakage on nightly when <code>--cfg docsrs</code> is enabled. This caused documentation to fail to build on docs.rs.</p> <p>Bug fixes:</p> <ul> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1305">#1305</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1305">rust-lang/regex#1305</a>): Switches the <code>doc_auto_cfg</code> feature to <code>doc_cfg</code> on nightly for docs.rs builds.</li> </ul> <h1>1.12.1 (2025-10-10)</h1> <p>This release makes a bug fix in the new <code>regex::Captures::get_match</code> API introduced in <code>1.12.0</code>. There was an oversight with the lifetime parameter for the <code>Match</code> returned. This is technically a breaking change, but given that it was caught almost immediately and I've yanked the <code>1.12.0</code> release, I think this is fine.</p> <h1>1.12.0 (2025-10-10)</h1> <p>This release contains a smattering of bug fixes, a fix for excessive memory consumption in some cases and a new <code>regex::Captures::get_match</code> API.</p> <p>Improvements:</p> <ul> <li>[FEATURE <a href="https://redirect.github.com/rust-lang/regex/issues/1146">#1146</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1146">rust-lang/regex#1146</a>): Add <code>Capture::get_match</code> for returning the overall match without <code>unwrap()</code>.</li> </ul> <p>Bug fixes:</p> <ul> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1083">#1083</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1083">rust-lang/regex#1083</a>): Fixes a panic in the lazy DFA (can only occur for especially large regexes).</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1116">#1116</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1116">rust-lang/regex#1116</a>): Fixes a memory usage regression for large regexes (introduced in <code>regex 1.9</code>).</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1195">#1195</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1195">rust-lang/regex#1195</a>): Fix universal start states in sparse DFA.</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1295">#1295</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/1295">rust-lang/regex#1295</a>): Fixes a panic when deserializing a corrupted dense DFA.</li> <li><a href="https://github.com/rust-lang/regex/commit/8f5d9479d0f1da5726488a530d7fd66a73d05b80">BUG 8f5d9479</a>: Make <code>regex_automata::meta::Regex::find</code> consistently return <code>None</code> when <code>WhichCaptures::None</code> is used.</li> </ul> <h1>1.11.3 (2025-09-25)</h1> <p>This is a small patch release with an improvement in memory usage in some cases.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/regex/commit/5ea3eb1e95f0338e283f5f0b4681f0891a1cd836"><code>5ea3eb1</code></a> 1.12.2</li> <li><a href="https://github.com/rust-lang/regex/commit/ab0b07171b82d1d4fdc8359505d12b2e818514d4"><code>ab0b071</code></a> regex-automata-0.4.13</li> <li><a href="https://github.com/rust-lang/regex/commit/691d51457db276bbdf9ca3de2cafe285c662c59f"><code>691d514</code></a> regex-syntax-0.8.8</li> <li><a href="https://github.com/rust-lang/regex/commit/1dd90777791dbc6bbf389157d05ac8176c6ad051"><code>1dd9077</code></a> docs: swap <code>doc_auto_cfg</code> with <code>doc_cfg</code></li> <li><a href="https://github.com/rust-lang/regex/commit/0089034cb37b0bf3785f2e0211f7eca74033f4d1"><code>0089034</code></a> regex-cli-0.2.3</li> <li><a href="https://github.com/rust-lang/regex/commit/140f8949da3f575490bac80ff23dfc29458b82c7"><code>140f894</code></a> regex-lite-0.1.8</li> <li><a href="https://github.com/rust-lang/regex/commit/27d6d65263cb80266a62e3189408a44f201a0975"><code>27d6d65</code></a> 1.12.1</li> <li><a href="https://github.com/rust-lang/regex/commit/85398ad5002048bbeaa90f1fe37fbb31df2bc0d6"><code>85398ad</code></a> changelog: 1.12.1</li> <li><a href="https://github.com/rust-lang/regex/commit/764efbd305d3a7b817ec8892ff0a656ec657d660"><code>764efbd</code></a> api: tweak the lifetime of <code>Captures::get_match</code></li> <li><a href="https://github.com/rust-lang/regex/commit/ee6aa55e01786e4d2c11eb1be805835bbb3bfa99"><code>ee6aa55</code></a> rure-0.2.4</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/regex/compare/1.11.1...1.12.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex&package-manager=cargo&previous-version=1.11.1&new-version=1.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:43:57 -08:00
version = "0.4.13"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump regex from 1.11.1 to 1.12.2 in /codex-rs (#7222) Bumps [regex](https://github.com/rust-lang/regex) from 1.11.1 to 1.12.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex's changelog</a>.</em></p> <blockquote> <h1>1.12.2 (2025-10-13)</h1> <p>This release fixes a <code>cargo doc</code> breakage on nightly when <code>--cfg docsrs</code> is enabled. This caused documentation to fail to build on docs.rs.</p> <p>Bug fixes:</p> <ul> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1305">#1305</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1305">rust-lang/regex#1305</a>): Switches the <code>doc_auto_cfg</code> feature to <code>doc_cfg</code> on nightly for docs.rs builds.</li> </ul> <h1>1.12.1 (2025-10-10)</h1> <p>This release makes a bug fix in the new <code>regex::Captures::get_match</code> API introduced in <code>1.12.0</code>. There was an oversight with the lifetime parameter for the <code>Match</code> returned. This is technically a breaking change, but given that it was caught almost immediately and I've yanked the <code>1.12.0</code> release, I think this is fine.</p> <h1>1.12.0 (2025-10-10)</h1> <p>This release contains a smattering of bug fixes, a fix for excessive memory consumption in some cases and a new <code>regex::Captures::get_match</code> API.</p> <p>Improvements:</p> <ul> <li>[FEATURE <a href="https://redirect.github.com/rust-lang/regex/issues/1146">#1146</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1146">rust-lang/regex#1146</a>): Add <code>Capture::get_match</code> for returning the overall match without <code>unwrap()</code>.</li> </ul> <p>Bug fixes:</p> <ul> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1083">#1083</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1083">rust-lang/regex#1083</a>): Fixes a panic in the lazy DFA (can only occur for especially large regexes).</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1116">#1116</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1116">rust-lang/regex#1116</a>): Fixes a memory usage regression for large regexes (introduced in <code>regex 1.9</code>).</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1195">#1195</a>](<a href="https://redirect.github.com/rust-lang/regex/issues/1195">rust-lang/regex#1195</a>): Fix universal start states in sparse DFA.</li> <li>[BUG <a href="https://redirect.github.com/rust-lang/regex/issues/1295">#1295</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/1295">rust-lang/regex#1295</a>): Fixes a panic when deserializing a corrupted dense DFA.</li> <li><a href="https://github.com/rust-lang/regex/commit/8f5d9479d0f1da5726488a530d7fd66a73d05b80">BUG 8f5d9479</a>: Make <code>regex_automata::meta::Regex::find</code> consistently return <code>None</code> when <code>WhichCaptures::None</code> is used.</li> </ul> <h1>1.11.3 (2025-09-25)</h1> <p>This is a small patch release with an improvement in memory usage in some cases.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/regex/commit/5ea3eb1e95f0338e283f5f0b4681f0891a1cd836"><code>5ea3eb1</code></a> 1.12.2</li> <li><a href="https://github.com/rust-lang/regex/commit/ab0b07171b82d1d4fdc8359505d12b2e818514d4"><code>ab0b071</code></a> regex-automata-0.4.13</li> <li><a href="https://github.com/rust-lang/regex/commit/691d51457db276bbdf9ca3de2cafe285c662c59f"><code>691d514</code></a> regex-syntax-0.8.8</li> <li><a href="https://github.com/rust-lang/regex/commit/1dd90777791dbc6bbf389157d05ac8176c6ad051"><code>1dd9077</code></a> docs: swap <code>doc_auto_cfg</code> with <code>doc_cfg</code></li> <li><a href="https://github.com/rust-lang/regex/commit/0089034cb37b0bf3785f2e0211f7eca74033f4d1"><code>0089034</code></a> regex-cli-0.2.3</li> <li><a href="https://github.com/rust-lang/regex/commit/140f8949da3f575490bac80ff23dfc29458b82c7"><code>140f894</code></a> regex-lite-0.1.8</li> <li><a href="https://github.com/rust-lang/regex/commit/27d6d65263cb80266a62e3189408a44f201a0975"><code>27d6d65</code></a> 1.12.1</li> <li><a href="https://github.com/rust-lang/regex/commit/85398ad5002048bbeaa90f1fe37fbb31df2bc0d6"><code>85398ad</code></a> changelog: 1.12.1</li> <li><a href="https://github.com/rust-lang/regex/commit/764efbd305d3a7b817ec8892ff0a656ec657d660"><code>764efbd</code></a> api: tweak the lifetime of <code>Captures::get_match</code></li> <li><a href="https://github.com/rust-lang/regex/commit/ee6aa55e01786e4d2c11eb1be805835bbb3bfa99"><code>ee6aa55</code></a> rure-0.2.4</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/regex/compare/1.11.1...1.12.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex&package-manager=cargo&previous-version=1.11.1&new-version=1.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:43:57 -08:00
checksum = "5276caf25ac86c8d810222b3dbb938e512c55c6831a10f3e6ed1c93b84041f1c"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"aho-corasick",
"memchr",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"regex-syntax 0.8.5",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
chore: replace regex with regex-lite, where appropriate (#1200) As explained on https://crates.io/crates/regex-lite, `regex-lite` is a lighter alternative to `regex` and seems to be sufficient for our purposes.
2025-06-02 17:11:45 -07:00
[[package]]
name = "regex-lite"
chore(deps): bump regex-lite from 0.1.6 to 0.1.7 in /codex-rs (#3010) Bumps [regex-lite](https://github.com/rust-lang/regex) from 0.1.6 to 0.1.7. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex-lite's changelog</a>.</em></p> <blockquote> <h1>0.1.79</h1> <ul> <li>Require regex-syntax 0.3.8.</li> </ul> <h1>0.1.78</h1> <ul> <li>[PR <a href="https://redirect.github.com/rust-lang/regex/issues/290">#290</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/290">rust-lang/regex#290</a>): Fixes bug <a href="https://redirect.github.com/rust-lang/regex/issues/289">#289</a>, which caused some regexes with a certain combination of literals to match incorrectly.</li> </ul> <h1>0.1.77</h1> <ul> <li>[PR <a href="https://redirect.github.com/rust-lang/regex/issues/281">#281</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/281">rust-lang/regex#281</a>): Fixes bug <a href="https://redirect.github.com/rust-lang/regex/issues/280">#280</a> by disabling all literal optimizations when a pattern is partially anchored.</li> </ul> <h1>0.1.76</h1> <ul> <li>Tweak criteria for using the Teddy literal matcher.</li> </ul> <h1>0.1.75</h1> <ul> <li>[PR <a href="https://redirect.github.com/rust-lang/regex/issues/275">#275</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/275">rust-lang/regex#275</a>): Improves match verification performance in the Teddy SIMD searcher.</li> <li>[PR <a href="https://redirect.github.com/rust-lang/regex/issues/278">#278</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/278">rust-lang/regex#278</a>): Replaces slow substring loop in the Teddy SIMD searcher with Aho-Corasick.</li> <li>Implemented DoubleEndedIterator on regex set match iterators.</li> </ul> <h1>0.1.74</h1> <ul> <li>Release regex-syntax 0.3.5 with a minor bug fix.</li> <li>Fix bug <a href="https://redirect.github.com/rust-lang/regex/issues/272">#272</a>.</li> <li>Fix bug <a href="https://redirect.github.com/rust-lang/regex/issues/277">#277</a>.</li> <li>[PR <a href="https://redirect.github.com/rust-lang/regex/issues/270">#270</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/270">rust-lang/regex#270</a>): Fixes bugs <a href="https://redirect.github.com/rust-lang/regex/issues/264">#264</a>, <a href="https://redirect.github.com/rust-lang/regex/issues/268">#268</a> and an unreported where the DFA cache size could be drastically underestimated in some cases (leading to high unexpected memory usage).</li> </ul> <h1>0.1.73</h1> <ul> <li>Release <code>regex-syntax 0.3.4</code>.</li> <li>Bump <code>regex-syntax</code> dependency version for <code>regex</code> to <code>0.3.4</code>.</li> </ul> <h1>0.1.72</h1> <ul> <li>[PR <a href="https://redirect.github.com/rust-lang/regex/issues/262">#262</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/262">rust-lang/regex#262</a>): Fixes a number of small bugs caught by fuzz testing (AFL).</li> </ul> <h1>0.1.71</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/regex/commit/45c3da7681af3a513bedba067c440b76bcc9a16e"><code>45c3da7</code></a> regex-lite-0.1.7</li> <li><a href="https://github.com/rust-lang/regex/commit/873ed800c535bc3ef0711c1ee6f2726b89a8508c"><code>873ed80</code></a> regex-automata-0.4.10</li> <li><a href="https://github.com/rust-lang/regex/commit/ea834f8e1fd7b72a3c1b2319b1a47f0c50d43082"><code>ea834f8</code></a> regex-syntax-0.8.6</li> <li><a href="https://github.com/rust-lang/regex/commit/86836fbe841893ca2e06ccf24067ecbc67b0b0c5"><code>86836fb</code></a> changelog: 1.11.2</li> <li><a href="https://github.com/rust-lang/regex/commit/63a26c1a7fac5ebbed88471ebada05f7a465ffc8"><code>63a26c1</code></a> cargo: ensure that 'perf' doesn't enable 'std' implicitly (<a href="https://redirect.github.com/rust-lang/regex/issues/1150">#1150</a>)</li> <li><a href="https://github.com/rust-lang/regex/commit/dd96592be2c019abb268026904826e79d919d3c4"><code>dd96592</code></a> doc: clarify CRLF mode effect</li> <li><a href="https://github.com/rust-lang/regex/commit/931dae01925415354720952bfaa568a7f9fb369b"><code>931dae0</code></a> cargo: point <code>repository</code> metadata to clonable URLs</li> <li><a href="https://github.com/rust-lang/regex/commit/a66fde6e803421af6c949bd1f332048f2e7d1482"><code>a66fde6</code></a> doc: remove references to non-existent parameters</li> <li><a href="https://github.com/rust-lang/regex/commit/1873e96a7bc36595ddcfae1968ee84ed9af4ae04"><code>1873e96</code></a> automata: add <code>DFA::set_prefilter</code> method to the DFA types</li> <li><a href="https://github.com/rust-lang/regex/commit/89ff15310b72d73f64acaf77c37d350f14455164"><code>89ff153</code></a> doc: fix misspelling typo</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/regex/compare/regex-lite-0.1.6...regex-lite-0.1.7">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex-lite&package-manager=cargo&previous-version=0.1.6&new-version=0.1.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-02 09:09:17 -07:00
version = "0.1.7"
chore: replace regex with regex-lite, where appropriate (#1200) As explained on https://crates.io/crates/regex-lite, `regex-lite` is a lighter alternative to `regex` and seems to be sufficient for our purposes.
2025-06-02 17:11:45 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump regex-lite from 0.1.6 to 0.1.7 in /codex-rs (#3010) Bumps [regex-lite](https://github.com/rust-lang/regex) from 0.1.6 to 0.1.7. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/regex/blob/master/CHANGELOG.md">regex-lite's changelog</a>.</em></p> <blockquote> <h1>0.1.79</h1> <ul> <li>Require regex-syntax 0.3.8.</li> </ul> <h1>0.1.78</h1> <ul> <li>[PR <a href="https://redirect.github.com/rust-lang/regex/issues/290">#290</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/290">rust-lang/regex#290</a>): Fixes bug <a href="https://redirect.github.com/rust-lang/regex/issues/289">#289</a>, which caused some regexes with a certain combination of literals to match incorrectly.</li> </ul> <h1>0.1.77</h1> <ul> <li>[PR <a href="https://redirect.github.com/rust-lang/regex/issues/281">#281</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/281">rust-lang/regex#281</a>): Fixes bug <a href="https://redirect.github.com/rust-lang/regex/issues/280">#280</a> by disabling all literal optimizations when a pattern is partially anchored.</li> </ul> <h1>0.1.76</h1> <ul> <li>Tweak criteria for using the Teddy literal matcher.</li> </ul> <h1>0.1.75</h1> <ul> <li>[PR <a href="https://redirect.github.com/rust-lang/regex/issues/275">#275</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/275">rust-lang/regex#275</a>): Improves match verification performance in the Teddy SIMD searcher.</li> <li>[PR <a href="https://redirect.github.com/rust-lang/regex/issues/278">#278</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/278">rust-lang/regex#278</a>): Replaces slow substring loop in the Teddy SIMD searcher with Aho-Corasick.</li> <li>Implemented DoubleEndedIterator on regex set match iterators.</li> </ul> <h1>0.1.74</h1> <ul> <li>Release regex-syntax 0.3.5 with a minor bug fix.</li> <li>Fix bug <a href="https://redirect.github.com/rust-lang/regex/issues/272">#272</a>.</li> <li>Fix bug <a href="https://redirect.github.com/rust-lang/regex/issues/277">#277</a>.</li> <li>[PR <a href="https://redirect.github.com/rust-lang/regex/issues/270">#270</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/270">rust-lang/regex#270</a>): Fixes bugs <a href="https://redirect.github.com/rust-lang/regex/issues/264">#264</a>, <a href="https://redirect.github.com/rust-lang/regex/issues/268">#268</a> and an unreported where the DFA cache size could be drastically underestimated in some cases (leading to high unexpected memory usage).</li> </ul> <h1>0.1.73</h1> <ul> <li>Release <code>regex-syntax 0.3.4</code>.</li> <li>Bump <code>regex-syntax</code> dependency version for <code>regex</code> to <code>0.3.4</code>.</li> </ul> <h1>0.1.72</h1> <ul> <li>[PR <a href="https://redirect.github.com/rust-lang/regex/issues/262">#262</a>](<a href="https://redirect.github.com/rust-lang/regex/pull/262">rust-lang/regex#262</a>): Fixes a number of small bugs caught by fuzz testing (AFL).</li> </ul> <h1>0.1.71</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/regex/commit/45c3da7681af3a513bedba067c440b76bcc9a16e"><code>45c3da7</code></a> regex-lite-0.1.7</li> <li><a href="https://github.com/rust-lang/regex/commit/873ed800c535bc3ef0711c1ee6f2726b89a8508c"><code>873ed80</code></a> regex-automata-0.4.10</li> <li><a href="https://github.com/rust-lang/regex/commit/ea834f8e1fd7b72a3c1b2319b1a47f0c50d43082"><code>ea834f8</code></a> regex-syntax-0.8.6</li> <li><a href="https://github.com/rust-lang/regex/commit/86836fbe841893ca2e06ccf24067ecbc67b0b0c5"><code>86836fb</code></a> changelog: 1.11.2</li> <li><a href="https://github.com/rust-lang/regex/commit/63a26c1a7fac5ebbed88471ebada05f7a465ffc8"><code>63a26c1</code></a> cargo: ensure that 'perf' doesn't enable 'std' implicitly (<a href="https://redirect.github.com/rust-lang/regex/issues/1150">#1150</a>)</li> <li><a href="https://github.com/rust-lang/regex/commit/dd96592be2c019abb268026904826e79d919d3c4"><code>dd96592</code></a> doc: clarify CRLF mode effect</li> <li><a href="https://github.com/rust-lang/regex/commit/931dae01925415354720952bfaa568a7f9fb369b"><code>931dae0</code></a> cargo: point <code>repository</code> metadata to clonable URLs</li> <li><a href="https://github.com/rust-lang/regex/commit/a66fde6e803421af6c949bd1f332048f2e7d1482"><code>a66fde6</code></a> doc: remove references to non-existent parameters</li> <li><a href="https://github.com/rust-lang/regex/commit/1873e96a7bc36595ddcfae1968ee84ed9af4ae04"><code>1873e96</code></a> automata: add <code>DFA::set_prefilter</code> method to the DFA types</li> <li><a href="https://github.com/rust-lang/regex/commit/89ff15310b72d73f64acaf77c37d350f14455164"><code>89ff153</code></a> doc: fix misspelling typo</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/regex/compare/regex-lite-0.1.6...regex-lite-0.1.7">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=regex-lite&package-manager=cargo&previous-version=0.1.6&new-version=0.1.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-02 09:09:17 -07:00
checksum = "943f41321c63ef1c92fd763bfe054d2668f7f225a5c29f0105903dc2fc04ba30"
chore: replace regex with regex-lite, where appropriate (#1200) As explained on https://crates.io/crates/regex-lite, `regex-lite` is a lighter alternative to `regex` and seems to be sufficient for our purposes.
2025-06-02 17:11:45 -07:00
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "regex-syntax"
version = "0.6.29"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1"
[[package]]
name = "regex-syntax"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.8.5"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "2b15c43186be67a4fd63bee50d0303afffcef381492ebe2c5d87f324e1b8815c"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "reqwest"
chore(deps): bump reqwest from 0.12.23 to 0.12.24 in /codex-rs (#7424) Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.23 to 0.12.24. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases">reqwest's releases</a>.</em></p> <blockquote> <h2>v0.12.24</h2> <h2>Highlights</h2> <ul> <li>Refactor cookie handling to an internal middleware.</li> <li>Refactor internal random generator.</li> <li>Refactor base64 encoding to reduce a copy.</li> <li>Documentation updates.</li> </ul> <h2>What's Changed</h2> <ul> <li>build(deps): silence unused deps in WASM build by <a href="https://github.com/0x676e67"><code>@​0x676e67</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2799">seanmonstar/reqwest#2799</a></li> <li>perf(util): avoid extra copy when base64 encoding by <a href="https://github.com/0x676e67"><code>@​0x676e67</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2805">seanmonstar/reqwest#2805</a></li> <li>docs: fix method name in changelog entry by <a href="https://github.com/johannespfrang"><code>@​johannespfrang</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2807">seanmonstar/reqwest#2807</a></li> <li>chore: Align the name usage of TotalTimeout by <a href="https://github.com/Xuanwo"><code>@​Xuanwo</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2657">seanmonstar/reqwest#2657</a></li> <li>refactor(cookie): add <code>CookieService</code> by <a href="https://github.com/linyihai"><code>@​linyihai</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2787">seanmonstar/reqwest#2787</a></li> <li>Fixes typo in retry max_retries_per_request doc comment re 2813 by <a href="https://github.com/dmackinn"><code>@​dmackinn</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2824">seanmonstar/reqwest#2824</a></li> <li>test(multipart): fix build failure with <code>no-default-features</code> by <a href="https://github.com/0x676e67"><code>@​0x676e67</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2801">seanmonstar/reqwest#2801</a></li> <li>refactor(cookie): avoid duplicate cookie insertion by <a href="https://github.com/0x676e67"><code>@​0x676e67</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2834">seanmonstar/reqwest#2834</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/johannespfrang"><code>@​johannespfrang</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2807">seanmonstar/reqwest#2807</a></li> <li><a href="https://github.com/dmackinn"><code>@​dmackinn</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2824">seanmonstar/reqwest#2824</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.23...v0.12.24">https://github.com/seanmonstar/reqwest/compare/v0.12.23...v0.12.24</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's changelog</a>.</em></p> <blockquote> <h2>v0.12.24</h2> <ul> <li>Refactor cookie handling to an internal middleware.</li> <li>Refactor internal random generator.</li> <li>Refactor base64 encoding to reduce a copy.</li> <li>Documentation updates.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/seanmonstar/reqwest/commit/b126ca49da7897e5d676639cdbf67a0f6838b586"><code>b126ca4</code></a> v0.12.24</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/40234930965e692c260f82c5d97edb5348cdbd1e"><code>4023493</code></a> refactor: change fast_random from xorshift to siphash a counter</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/fd61bc93e6f936454ce0b978c6f282f06eee9287"><code>fd61bc9</code></a> refactor(cookie): avoid duplicate cookie insertion (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2834">#2834</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/0bfa5267769ccc3f6b27a44d0dfb444fd0783a6e"><code>0bfa526</code></a> test(multipart): fix build failure with <code>no-default-features</code> (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2801">#2801</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/994b8a0b7aa0a0ff6f87471f9e0d1a4dd2936fcd"><code>994b8a0</code></a> docs: typo in retry max_retries_per_request (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2824">#2824</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/da0702b762d6ee982ef041661d79df8eeb3aeb41"><code>da0702b</code></a> refactor(cookie): de-duplicate cookie support as <code>CookieService</code> middleware (...</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/7ebddeaa8728ea09f14e276d6330620168fda379"><code>7ebddea</code></a> chore: align internal name usage of TotalTimeout (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2657">#2657</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/b540a4e746acac4091eb6d39a2b5e2f3df48896b"><code>b540a4e</code></a> chore(readme): use correct CI status badge</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/e4550c4cc5a2bd0e447b7b3db548c6ef8202f47e"><code>e4550c4</code></a> docs: fix method name in changelog entry (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2807">#2807</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/f4694a29226cc443b3c58c86a3ffa97bd9f394a6"><code>f4694a2</code></a> perf(util): avoid extra copy when base64 encoding (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2805">#2805</a>)</li> <li>Additional commits viewable in <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.23...v0.12.24">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=reqwest&package-manager=cargo&previous-version=0.12.23&new-version=0.12.24)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:35:49 -08:00
version = "0.12.24"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump reqwest from 0.12.23 to 0.12.24 in /codex-rs (#7424) Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.23 to 0.12.24. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases">reqwest's releases</a>.</em></p> <blockquote> <h2>v0.12.24</h2> <h2>Highlights</h2> <ul> <li>Refactor cookie handling to an internal middleware.</li> <li>Refactor internal random generator.</li> <li>Refactor base64 encoding to reduce a copy.</li> <li>Documentation updates.</li> </ul> <h2>What's Changed</h2> <ul> <li>build(deps): silence unused deps in WASM build by <a href="https://github.com/0x676e67"><code>@​0x676e67</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2799">seanmonstar/reqwest#2799</a></li> <li>perf(util): avoid extra copy when base64 encoding by <a href="https://github.com/0x676e67"><code>@​0x676e67</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2805">seanmonstar/reqwest#2805</a></li> <li>docs: fix method name in changelog entry by <a href="https://github.com/johannespfrang"><code>@​johannespfrang</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2807">seanmonstar/reqwest#2807</a></li> <li>chore: Align the name usage of TotalTimeout by <a href="https://github.com/Xuanwo"><code>@​Xuanwo</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2657">seanmonstar/reqwest#2657</a></li> <li>refactor(cookie): add <code>CookieService</code> by <a href="https://github.com/linyihai"><code>@​linyihai</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2787">seanmonstar/reqwest#2787</a></li> <li>Fixes typo in retry max_retries_per_request doc comment re 2813 by <a href="https://github.com/dmackinn"><code>@​dmackinn</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2824">seanmonstar/reqwest#2824</a></li> <li>test(multipart): fix build failure with <code>no-default-features</code> by <a href="https://github.com/0x676e67"><code>@​0x676e67</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2801">seanmonstar/reqwest#2801</a></li> <li>refactor(cookie): avoid duplicate cookie insertion by <a href="https://github.com/0x676e67"><code>@​0x676e67</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2834">seanmonstar/reqwest#2834</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/johannespfrang"><code>@​johannespfrang</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2807">seanmonstar/reqwest#2807</a></li> <li><a href="https://github.com/dmackinn"><code>@​dmackinn</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2824">seanmonstar/reqwest#2824</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.23...v0.12.24">https://github.com/seanmonstar/reqwest/compare/v0.12.23...v0.12.24</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's changelog</a>.</em></p> <blockquote> <h2>v0.12.24</h2> <ul> <li>Refactor cookie handling to an internal middleware.</li> <li>Refactor internal random generator.</li> <li>Refactor base64 encoding to reduce a copy.</li> <li>Documentation updates.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/seanmonstar/reqwest/commit/b126ca49da7897e5d676639cdbf67a0f6838b586"><code>b126ca4</code></a> v0.12.24</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/40234930965e692c260f82c5d97edb5348cdbd1e"><code>4023493</code></a> refactor: change fast_random from xorshift to siphash a counter</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/fd61bc93e6f936454ce0b978c6f282f06eee9287"><code>fd61bc9</code></a> refactor(cookie): avoid duplicate cookie insertion (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2834">#2834</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/0bfa5267769ccc3f6b27a44d0dfb444fd0783a6e"><code>0bfa526</code></a> test(multipart): fix build failure with <code>no-default-features</code> (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2801">#2801</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/994b8a0b7aa0a0ff6f87471f9e0d1a4dd2936fcd"><code>994b8a0</code></a> docs: typo in retry max_retries_per_request (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2824">#2824</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/da0702b762d6ee982ef041661d79df8eeb3aeb41"><code>da0702b</code></a> refactor(cookie): de-duplicate cookie support as <code>CookieService</code> middleware (...</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/7ebddeaa8728ea09f14e276d6330620168fda379"><code>7ebddea</code></a> chore: align internal name usage of TotalTimeout (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2657">#2657</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/b540a4e746acac4091eb6d39a2b5e2f3df48896b"><code>b540a4e</code></a> chore(readme): use correct CI status badge</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/e4550c4cc5a2bd0e447b7b3db548c6ef8202f47e"><code>e4550c4</code></a> docs: fix method name in changelog entry (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2807">#2807</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/f4694a29226cc443b3c58c86a3ffa97bd9f394a6"><code>f4694a2</code></a> perf(util): avoid extra copy when base64 encoding (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2805">#2805</a>)</li> <li>Additional commits viewable in <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.23...v0.12.24">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=reqwest&package-manager=cargo&previous-version=0.12.23&new-version=0.12.24)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:35:49 -08:00
checksum = "9d0946410b9f7b082a427e4ef5c8ff541a88b357bc6c637c40db3a68ac70a36f"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
feat: Run cargo shear during CI (#3338) Run cargo shear as part of the CI to ensure no unused dependencies
2025-09-08 18:05:08 -07:00
"base64",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"bytes",
"encoding_rs",
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
"futures-channel",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"futures-core",
"futures-util",
"h2",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"http-body",
"http-body-util",
"hyper",
"hyper-rustls",
"hyper-tls",
"hyper-util",
"js-sys",
"log",
"mime",
"native-tls",
"percent-encoding",
"pin-project-lite",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"quinn",
"rustls",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"rustls-native-certs",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"rustls-pki-types",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"serde",
"serde_json",
"serde_urlencoded",
"sync_wrapper",
"tokio",
"tokio-native-tls",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"tokio-rustls",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tokio-util",
"tower",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"tower-http",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tower-service",
"url",
"wasm-bindgen",
"wasm-bindgen-futures",
"wasm-streams",
"web-sys",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"webpki-roots",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "ring"
version = "0.17.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a4689e6c2294d81e88dc6261c768b63bc4fcdb852be6d1352498b114f61383b7"
dependencies = [
"cc",
"cfg-if",
"getrandom 0.2.16",
"libc",
"untrusted",
"windows-sys 0.52.0",
]
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
[[package]]
name = "rmcp"
chore: upgrade rmcp crate from 0.10.0 to 0.12.0 (#8288) Version `0.12.0` includes https://github.com/modelcontextprotocol/rust-sdk/pull/590, which I will use in https://github.com/openai/codex/pull/8142. Changes: - `rmcp::model::CustomClientNotification` was renamed to `rmcp::model::CustomNotification` - a bunch of types have a `meta` field now, but it is `Option`, so I added `meta: None` to a bunch of things
2025-12-18 14:28:46 -08:00
version = "0.12.0"
chore: update to rmcp@0.10.0 to pick up support for custom client notifications (#7462) In https://github.com/openai/codex/pull/7112, I updated our `rmcp` dependency to point to a personal fork while I tried to upstream my proposed change. Now that https://github.com/modelcontextprotocol/rust-sdk/pull/556 has been upstreamed and included in the `0.10.0` release of the crate, we can go back to using the mainline release.
2025-12-01 14:01:50 -08:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore: upgrade rmcp crate from 0.10.0 to 0.12.0 (#8288) Version `0.12.0` includes https://github.com/modelcontextprotocol/rust-sdk/pull/590, which I will use in https://github.com/openai/codex/pull/8142. Changes: - `rmcp::model::CustomClientNotification` was renamed to `rmcp::model::CustomNotification` - a bunch of types have a `meta` field now, but it is `Option`, so I added `meta: None` to a bunch of things
2025-12-18 14:28:46 -08:00
checksum = "528d42f8176e6e5e71ea69182b17d1d0a19a6b3b894b564678b74cd7cab13cfa"
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
dependencies = [
feat: declare server capability in shell-tool-mcp (#7112) This introduces a new feature to Codex when it operates as an MCP _client_ where if an MCP _server_ replies that it has an entry named `"codex/sandbox-state"` in its _server capabilities_, then Codex will send it an MCP notification with the following structure: ```json { "method": "codex/sandbox-state/update", "params": { "sandboxPolicy": { "type": "workspace-write", "network-access": false, "exclude-tmpdir-env-var": false "exclude-slash-tmp": false }, "codexLinuxSandboxExe": null, "sandboxCwd": "/Users/mbolin/code/codex2" } } ``` or with whatever values are appropriate for the initial `sandboxPolicy`. **NOTE:** Codex _should_ continue to send the MCP server notifications of the same format if these things change over the lifetime of the thread, but that isn't wired up yet. The result is that `shell-tool-mcp` can consume these values so that when it calls `codex_core::exec::process_exec_tool_call()` in `codex-rs/exec-server/src/posix/escalate_server.rs`, it is now sure to call it with the correct values (whereas previously we relied on hardcoded values). While I would argue this is a supported use case within the MCP protocol, the `rmcp` crate that we are using today does not support custom notifications. As such, I had to patch it and I submitted it for review, so hopefully it will be accepted in some form: https://github.com/modelcontextprotocol/rust-sdk/pull/556 To test out this change from end-to-end: - I ran `cargo build` in `~/code/codex2/codex-rs/exec-server` - I built the fork of Bash in `~/code/bash/bash` - I added the following to my `~/.codex/config.toml`: ```toml # Use with `codex --disable shell_tool`. [mcp_servers.execshell] args = ["--bash", "/Users/mbolin/code/bash/bash"] command = "/Users/mbolin/code/codex2/codex-rs/target/debug/codex-exec-mcp-server" ``` - From `~/code/codex2/codex-rs`, I ran `just codex --disable shell_tool` - When the TUI started up, I verified that the sandbox mode is `workspace-write` - I ran `/mcp` to verify that the shell tool from the MCP is there: <img width="1387" height="1400" alt="image" src="https://github.com/user-attachments/assets/1a8addcc-5005-4e16-b59f-95cfd06fd4ab" /> - Then I asked it: > what is the output of `gh issue list` because this should be auto-approved with our existing dummy policy: https://github.com/openai/codex/blob/af63e6eccc35783f1bf4dca3c61adb090efb6b8a/codex-rs/exec-server/src/posix.rs#L157-L164 And it worked: <img width="1387" height="1400" alt="image" src="https://github.com/user-attachments/assets/7568d2f7-80da-4d68-86d0-c265a6f5e6c1" />
2025-11-21 16:11:01 -08:00
"async-trait",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"base64",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"bytes",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"chrono",
"futures",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"http-body",
"http-body-util",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"oauth2",
chore: update to rmcp@0.10.0 to pick up support for custom client notifications (#7462) In https://github.com/openai/codex/pull/7112, I updated our `rmcp` dependency to point to a personal fork while I tried to upstream my proposed change. Now that https://github.com/modelcontextprotocol/rust-sdk/pull/556 has been upstreamed and included in the `0.10.0` release of the crate, we can go back to using the mainline release.
2025-12-01 14:01:50 -08:00
"pastey",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"pin-project-lite",
"process-wrap",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"rand 0.9.2",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"reqwest",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"rmcp-macros",
"schemars 1.0.4",
"serde",
"serde_json",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"sse-stream",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"tokio",
"tokio-stream",
"tokio-util",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"tower-service",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"tracing",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"url",
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
"uuid",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
]
[[package]]
name = "rmcp-macros"
chore: upgrade rmcp crate from 0.10.0 to 0.12.0 (#8288) Version `0.12.0` includes https://github.com/modelcontextprotocol/rust-sdk/pull/590, which I will use in https://github.com/openai/codex/pull/8142. Changes: - `rmcp::model::CustomClientNotification` was renamed to `rmcp::model::CustomNotification` - a bunch of types have a `meta` field now, but it is `Option`, so I added `meta: None` to a bunch of things
2025-12-18 14:28:46 -08:00
version = "0.12.0"
chore: update to rmcp@0.10.0 to pick up support for custom client notifications (#7462) In https://github.com/openai/codex/pull/7112, I updated our `rmcp` dependency to point to a personal fork while I tried to upstream my proposed change. Now that https://github.com/modelcontextprotocol/rust-sdk/pull/556 has been upstreamed and included in the `0.10.0` release of the crate, we can go back to using the mainline release.
2025-12-01 14:01:50 -08:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore: upgrade rmcp crate from 0.10.0 to 0.12.0 (#8288) Version `0.12.0` includes https://github.com/modelcontextprotocol/rust-sdk/pull/590, which I will use in https://github.com/openai/codex/pull/8142. Changes: - `rmcp::model::CustomClientNotification` was renamed to `rmcp::model::CustomNotification` - a bunch of types have a `meta` field now, but it is `Option`, so I added `meta: None` to a bunch of things
2025-12-18 14:28:46 -08:00
checksum = "e3f81daaa494eb8e985c9462f7d6ce1ab05e5299f48aafd76cdd3d8b060e6f59"
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
dependencies = [
chore: upgrade rmcp crate from 0.10.0 to 0.12.0 (#8288) Version `0.12.0` includes https://github.com/modelcontextprotocol/rust-sdk/pull/590, which I will use in https://github.com/openai/codex/pull/8142. Changes: - `rmcp::model::CustomClientNotification` was renamed to `rmcp::model::CustomNotification` - a bunch of types have a `meta` field now, but it is `Option`, so I added `meta: None` to a bunch of things
2025-12-18 14:28:46 -08:00
"darling 0.23.0",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"proc-macro2",
"quote",
"serde_json",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "rustc-demangle"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.1.25"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "989e6739f80c4ad5b13e0fd7fe89531180375b18520cc8c82080e4dc4035b84f"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
[[package]]
name = "rustc-hash"
version = "2.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "357703d41365b4b27c590e3ed91eabb1b663f07c4c084095e60cbed4362dff0d"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
[[package]]
name = "rustc_version"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cfcb3a22ef46e85b45de6ee7e79d063319ebb6594faafcf1c225ea92ab6e9b92"
dependencies = [
"semver",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "rustix"
version = "0.38.44"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fdb5bc1ae2baa591800df16c9ca78619bf65c0488b41b96ccec5d11220d8c154"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"errno",
"libc",
"linux-raw-sys 0.4.15",
feat: add shell snapshot for shell command (#7786)
2025-12-11 13:46:43 +00:00
"windows-sys 0.59.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "rustix"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.0.8"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "11181fbabf243db407ef8df94a6ce0b2f9a733bd8be4ad02b4eda9602296cac8"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"errno",
"libc",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"linux-raw-sys 0.9.4",
"windows-sys 0.60.2",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "rustls"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.23.29"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "2491382039b29b9b11ff08b76ff6c97cf287671dbb74f0be44bda389fffe9bd1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
[codex][otel] support mtls configuration (#6228) fix for https://github.com/openai/codex/issues/6153 supports mTLS configuration and includes TLS features in the library build to enable secure HTTPS connections with custom root certificates. grpc: https://docs.rs/tonic/0.13.1/src/tonic/transport/channel/endpoint.rs.html#63 https: https://docs.rs/reqwest/0.12.23/src/reqwest/async_impl/client.rs.html#516
2025-11-18 14:01:01 -08:00
"log",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"once_cell",
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"ring",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"rustls-pki-types",
"rustls-webpki",
"subtle",
"zeroize",
]
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
[[package]]
name = "rustls-native-certs"
version = "0.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7fcff2dd52b58a8d98a70243663a0d234c4e2b79235637849d15913394a247d3"
dependencies = [
"openssl-probe",
"rustls-pki-types",
"schannel",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"security-framework 3.5.1",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
name = "rustls-pki-types"
version = "1.12.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "229a4a4c221013e7e1f1a043678c5cc39fe5171437c88fb47151a21e6f5b5c79"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
"web-time",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"zeroize",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "rustls-webpki"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.103.4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "0a17884ae0c1b773f1ccd2bd4a8c72f16da897310a98b0e84bf349ad5ead92fc"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"ring",
"rustls-pki-types",
"untrusted",
]
[[package]]
name = "rustversion"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.0.21"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "8a0d197bd2c9dc6e53b84da9556a69ba4cdfab8619eb41a8bd1cc2027a0f6b1d"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "rustyline"
version = "14.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7803e8936da37efd9b6d4478277f4b2b9bb5cdb37a113e8d63222e58da647e63"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"cfg-if",
"clipboard-win",
"fd-lock",
"home",
"libc",
"log",
"memchr",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"nix 0.28.0",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"radix_trie",
"unicode-segmentation",
"unicode-width 0.1.14",
"utf8parse",
"windows-sys 0.52.0",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "ryu"
version = "1.0.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "28d3b2b1366ec20994f1fd18c3c594f05c5dd4bc44d8bb0c1c632c8d6829481f"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
[[package]]
name = "same-file"
version = "1.0.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502"
dependencies = [
"winapi-util",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "scc"
version = "2.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "46e6f046b7fef48e2660c57ed794263155d713de679057f2d0c169bfc6e756cc"
dependencies = [
"sdd",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "schannel"
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
version = "0.1.28"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
checksum = "891d81b926048e76efe18581bf793546b4c0eaf8448d72be8de2bbee5fd166e1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"windows-sys 0.61.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "schemafy"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8aea5ba40287dae331f2c48b64dbc8138541f5e97ee8793caa7948c1f31d86d5"
dependencies = [
"Inflector",
"schemafy_core",
"schemafy_lib",
"serde",
"serde_derive",
"serde_json",
"serde_repr",
"syn 1.0.109",
]
[[package]]
name = "schemafy_core"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "41781ae092f4fd52c9287efb74456aea0d3b90032d2ecad272bd14dbbcb0511b"
dependencies = [
"serde",
"serde_json",
]
[[package]]
name = "schemafy_lib"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e953db32579999ca98c451d80801b6f6a7ecba6127196c5387ec0774c528befa"
dependencies = [
"Inflector",
"proc-macro2",
"quote",
"schemafy_core",
"serde",
"serde_derive",
"serde_json",
"syn 1.0.109",
]
feat: make Codex available as a tool when running it as an MCP server (#811) This PR replaces the placeholder `"echo"` tool call in the MCP server with a `"codex"` tool that calls Codex. Events such as `ExecApprovalRequest` and `ApplyPatchApprovalRequest` are not handled properly yet, but I have `approval_policy = "never"` set in my `~/.codex/config.toml` such that those codepaths are not exercised. The schema for this MPC tool is defined by a new `CodexToolCallParam` struct introduced in this PR. It is fairly similar to `ConfigOverrides`, as the param is used to help create the `Config` used to start the Codex session, though it also includes the `prompt` used to kick off the session. This PR also introduces the use of the third-party `schemars` crate to generate the JSON schema, which is verified in the `verify_codex_tool_json_schema()` unit test. Events that are dispatched during the Codex session are sent back to the MCP client as MCP notifications. This gives the client a way to monitor progress as the tool call itself may take minutes to complete depending on the complexity of the task requested by the user. In the video below, I launched the server via: ```shell mcp-server$ RUST_LOG=debug npx @modelcontextprotocol/inspector cargo run -- ``` In the video, you can see the flow of: * requesting the list of tools * choosing the **codex** tool * entering a value for **prompt** and then making the tool call Note that I left the other fields blank because when unspecified, the values in my `~/.codex/config.toml` were used: https://github.com/user-attachments/assets/1975058c-b004-43ef-8c8d-800a953b8192 Note that while using the inspector, I did run into https://github.com/modelcontextprotocol/inspector/issues/293, though the tip about ensuring I had only one instance of the **MCP Inspector** tab open in my browser seemed to fix things.
2025-05-05 07:16:19 -07:00
[[package]]
name = "schemars"
version = "0.8.22"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3fbf2ae1b8bc8e02df939598064d22402220cd5bbcca1c76f7d6a310974d5615"
dependencies = [
"dyn-clone",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"schemars_derive 0.8.22",
feat: make Codex available as a tool when running it as an MCP server (#811) This PR replaces the placeholder `"echo"` tool call in the MCP server with a `"codex"` tool that calls Codex. Events such as `ExecApprovalRequest` and `ApplyPatchApprovalRequest` are not handled properly yet, but I have `approval_policy = "never"` set in my `~/.codex/config.toml` such that those codepaths are not exercised. The schema for this MPC tool is defined by a new `CodexToolCallParam` struct introduced in this PR. It is fairly similar to `ConfigOverrides`, as the param is used to help create the `Config` used to start the Codex session, though it also includes the `prompt` used to kick off the session. This PR also introduces the use of the third-party `schemars` crate to generate the JSON schema, which is verified in the `verify_codex_tool_json_schema()` unit test. Events that are dispatched during the Codex session are sent back to the MCP client as MCP notifications. This gives the client a way to monitor progress as the tool call itself may take minutes to complete depending on the complexity of the task requested by the user. In the video below, I launched the server via: ```shell mcp-server$ RUST_LOG=debug npx @modelcontextprotocol/inspector cargo run -- ``` In the video, you can see the flow of: * requesting the list of tools * choosing the **codex** tool * entering a value for **prompt** and then making the tool call Note that I left the other fields blank because when unspecified, the values in my `~/.codex/config.toml` were used: https://github.com/user-attachments/assets/1975058c-b004-43ef-8c8d-800a953b8192 Note that while using the inspector, I did run into https://github.com/modelcontextprotocol/inspector/issues/293, though the tip about ensuring I had only one instance of the **MCP Inspector** tab open in my browser seemed to fix things.
2025-05-05 07:16:19 -07:00
"serde",
"serde_json",
]
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
[[package]]
name = "schemars"
version = "0.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4cd191f9397d57d581cddd31014772520aa448f65ef991055d7f61582c65165f"
dependencies = [
"dyn-clone",
"ref-cast",
"serde",
"serde_json",
]
[[package]]
name = "schemars"
version = "1.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "82d20c4491bc164fa2f6c5d44565947a52ad80b9505d8e36f8d54c27c739fcd0"
dependencies = [
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"chrono",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"dyn-clone",
"ref-cast",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"schemars_derive 1.0.4",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"serde",
"serde_json",
]
feat: make Codex available as a tool when running it as an MCP server (#811) This PR replaces the placeholder `"echo"` tool call in the MCP server with a `"codex"` tool that calls Codex. Events such as `ExecApprovalRequest` and `ApplyPatchApprovalRequest` are not handled properly yet, but I have `approval_policy = "never"` set in my `~/.codex/config.toml` such that those codepaths are not exercised. The schema for this MPC tool is defined by a new `CodexToolCallParam` struct introduced in this PR. It is fairly similar to `ConfigOverrides`, as the param is used to help create the `Config` used to start the Codex session, though it also includes the `prompt` used to kick off the session. This PR also introduces the use of the third-party `schemars` crate to generate the JSON schema, which is verified in the `verify_codex_tool_json_schema()` unit test. Events that are dispatched during the Codex session are sent back to the MCP client as MCP notifications. This gives the client a way to monitor progress as the tool call itself may take minutes to complete depending on the complexity of the task requested by the user. In the video below, I launched the server via: ```shell mcp-server$ RUST_LOG=debug npx @modelcontextprotocol/inspector cargo run -- ``` In the video, you can see the flow of: * requesting the list of tools * choosing the **codex** tool * entering a value for **prompt** and then making the tool call Note that I left the other fields blank because when unspecified, the values in my `~/.codex/config.toml` were used: https://github.com/user-attachments/assets/1975058c-b004-43ef-8c8d-800a953b8192 Note that while using the inspector, I did run into https://github.com/modelcontextprotocol/inspector/issues/293, though the tip about ensuring I had only one instance of the **MCP Inspector** tab open in my browser seemed to fix things.
2025-05-05 07:16:19 -07:00
[[package]]
name = "schemars_derive"
version = "0.8.22"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "32e265784ad618884abaea0600a9adf15393368d840e0222d101a072f3f7534d"
dependencies = [
"proc-macro2",
"quote",
"serde_derive_internals",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: make Codex available as a tool when running it as an MCP server (#811) This PR replaces the placeholder `"echo"` tool call in the MCP server with a `"codex"` tool that calls Codex. Events such as `ExecApprovalRequest` and `ApplyPatchApprovalRequest` are not handled properly yet, but I have `approval_policy = "never"` set in my `~/.codex/config.toml` such that those codepaths are not exercised. The schema for this MPC tool is defined by a new `CodexToolCallParam` struct introduced in this PR. It is fairly similar to `ConfigOverrides`, as the param is used to help create the `Config` used to start the Codex session, though it also includes the `prompt` used to kick off the session. This PR also introduces the use of the third-party `schemars` crate to generate the JSON schema, which is verified in the `verify_codex_tool_json_schema()` unit test. Events that are dispatched during the Codex session are sent back to the MCP client as MCP notifications. This gives the client a way to monitor progress as the tool call itself may take minutes to complete depending on the complexity of the task requested by the user. In the video below, I launched the server via: ```shell mcp-server$ RUST_LOG=debug npx @modelcontextprotocol/inspector cargo run -- ``` In the video, you can see the flow of: * requesting the list of tools * choosing the **codex** tool * entering a value for **prompt** and then making the tool call Note that I left the other fields blank because when unspecified, the values in my `~/.codex/config.toml` were used: https://github.com/user-attachments/assets/1975058c-b004-43ef-8c8d-800a953b8192 Note that while using the inspector, I did run into https://github.com/modelcontextprotocol/inspector/issues/293, though the tip about ensuring I had only one instance of the **MCP Inspector** tab open in my browser seemed to fix things.
2025-05-05 07:16:19 -07:00
]
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
[[package]]
name = "schemars_derive"
version = "1.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "33d020396d1d138dc19f1165df7545479dcd58d93810dc5d646a16e55abefa80"
dependencies = [
"proc-macro2",
"quote",
"serde_derive_internals",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "scopeguard"
version = "1.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "sdd"
version = "3.0.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "490dcfcbfef26be6800d11870ff2df8774fa6e86d047e3e8c8a76b25655e41ca"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "seccompiler"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a4ae55de56877481d112a559bbc12667635fdaf5e005712fd4e2b2fa50ffc884"
dependencies = [
"libc",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "secret-service"
version = "4.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e4d35ad99a181be0a60ffcbe85d680d98f87bdc4d7644ade319b87076b9dbfd4"
dependencies = [
"aes",
"cbc",
"futures-util",
"generic-array",
"hkdf",
"num",
"once_cell",
"rand 0.8.5",
"serde",
"sha2",
"zbus",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "security-framework"
version = "2.11.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "897b2245f0b511c87893af39b033e5ca9cce68824c4d7e7630b5a1d339658d02"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
"core-foundation 0.9.4",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"core-foundation-sys",
"libc",
"security-framework-sys",
]
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
[[package]]
name = "security-framework"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "3.5.1"
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "b3297343eaf830f66ede390ea39da1d462b6b0c1b000f420d0a83f898bbbe6ef"
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"core-foundation 0.10.1",
"core-foundation-sys",
"libc",
"security-framework-sys",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "security-framework-sys"
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
version = "2.15.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
checksum = "cc1f0cbffaac4852523ce30d8bd3c5cdc873501d96ff467ca09b6767bb8cd5c0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"core-foundation-sys",
"libc",
]
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
[[package]]
name = "semver"
version = "1.0.27"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d767eb0aabc880b29956c35734170f26ed551a859dbd361d140cdbeca61ab1e2"
[[package]]
name = "sentry"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
version = "0.46.0"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
checksum = "d9794f69ad475e76c057e326175d3088509649e3aed98473106b9fe94ba59424"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
dependencies = [
"httpdate",
"native-tls",
"reqwest",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"sentry-actix",
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
"sentry-backtrace",
"sentry-contexts",
"sentry-core",
"sentry-debug-images",
"sentry-panic",
"sentry-tracing",
"tokio",
"ureq",
]
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
[[package]]
name = "sentry-actix"
version = "0.46.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e0fee202934063ace4f1d1d063113b8982293762628e563a2d2fba08fb20b110"
dependencies = [
"actix-http",
"actix-web",
"bytes",
"futures-util",
"sentry-core",
]
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
[[package]]
name = "sentry-backtrace"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
version = "0.46.0"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
checksum = "e81137ad53b8592bd0935459ad74c0376053c40084aa170451e74eeea8dbc6c3"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
dependencies = [
"backtrace",
"regex",
"sentry-core",
]
[[package]]
name = "sentry-contexts"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
version = "0.46.0"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
checksum = "cfb403c66cc2651a01b9bacda2e7c22cd51f7e8f56f206aa4310147eb3259282"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
dependencies = [
"hostname",
"libc",
"os_info",
"rustc_version",
"sentry-core",
"uname",
]
[[package]]
name = "sentry-core"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
version = "0.46.0"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
checksum = "cfc409727ae90765ca8ea76fe6c949d6f159a11d02e130b357fa652ee9efcada"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
dependencies = [
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"rand 0.9.2",
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
"sentry-types",
"serde",
"serde_json",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"url",
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
]
[[package]]
name = "sentry-debug-images"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
version = "0.46.0"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
checksum = "06a2778a222fd90ebb01027c341a72f8e24b0c604c6126504a4fe34e5500e646"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
dependencies = [
"findshlibs",
"sentry-core",
]
[[package]]
name = "sentry-panic"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
version = "0.46.0"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
checksum = "3df79f4e1e72b2a8b75a0ebf49e78709ceb9b3f0b451f13adc92a0361b0aaabe"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
dependencies = [
"sentry-backtrace",
"sentry-core",
]
[[package]]
name = "sentry-tracing"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
version = "0.46.0"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
checksum = "ff2046f527fd4b75e0b6ab3bd656c67dce42072f828dc4d03c206d15dca74a93"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
dependencies = [
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"bitflags 2.10.0",
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
"sentry-backtrace",
"sentry-core",
"tracing-core",
"tracing-subscriber",
]
[[package]]
name = "sentry-types"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
version = "0.46.0"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
checksum = "c7b9b4e4c03a4d3643c18c78b8aa91d2cbee5da047d2fa0ca4bb29bc67e6c55c"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
dependencies = [
"debugid",
"hex",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"rand 0.9.2",
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
"serde",
"serde_json",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"thiserror 2.0.17",
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
"time",
"url",
"uuid",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "serde"
feat: TUI undo op (#5629)
2025-10-27 10:55:29 +00:00
version = "1.0.228"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
feat: TUI undo op (#5629)
2025-10-27 10:55:29 +00:00
checksum = "9a8e94ea7f378bd32cbbd37198a4a91436180c5bb472411e48b5ec2e2124ae9e"
chore(deps): bump serde_json from 1.0.143 to 1.0.145 in /codex-rs (#3617) Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.143 to 1.0.145. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.145</h2> <ul> <li>Raise serde version requirement to &gt;=1.0.220</li> </ul> <h2>v1.0.144</h2> <ul> <li>Switch serde dependency to serde_core (<a href="https://redirect.github.com/serde-rs/json/issues/1285">#1285</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/json/commit/efa66e3a1d61459ab2d325f92ebe3acbd6ca18b1"><code>efa66e3</code></a> Release 1.0.145</li> <li><a href="https://github.com/serde-rs/json/commit/23679e2b9d7e4dcaef797ca7c51a4ffb6fce9f36"><code>23679e2</code></a> Add serde version constraint</li> <li><a href="https://github.com/serde-rs/json/commit/fc27bafbf740abc5e5733ec1dd2b5ae25695f895"><code>fc27baf</code></a> Release 1.0.144</li> <li><a href="https://github.com/serde-rs/json/commit/caef3c6ea69e126d18ee8b43dcc2c89d81207815"><code>caef3c6</code></a> Ignore uninlined_format_args pedantic clippy lint</li> <li><a href="https://github.com/serde-rs/json/commit/81ba3aaaff5c3736dd8b762dd1a0cf992bf60593"><code>81ba3aa</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1285">#1285</a> from dtolnay/serdecore</li> <li><a href="https://github.com/serde-rs/json/commit/d21e8ce7a7cc0bab2d53293de42b6343ef1d9144"><code>d21e8ce</code></a> Switch serde dependency to serde_core</li> <li><a href="https://github.com/serde-rs/json/commit/6beb6cd596a00f8838dc0cfc8876ed8fd065896f"><code>6beb6cd</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1286">#1286</a> from dtolnay/up</li> <li><a href="https://github.com/serde-rs/json/commit/1dbc803749213eca37080cc7f29f5aee3ac18941"><code>1dbc803</code></a> Raise required compiler to Rust 1.61</li> <li><a href="https://github.com/serde-rs/json/commit/0bf5d87003aebbbb2b46c96e668283215971d98d"><code>0bf5d87</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/serde-rs/json/commit/d12e943590208da738c092db92c34b39796a2538"><code>d12e943</code></a> Update actions/checkout@v4 -&gt; v5</li> <li>See full diff in <a href="https://github.com/serde-rs/json/compare/v1.0.143...v1.0.145">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.143&new-version=1.0.145)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 11:58:57 -07:00
dependencies = [
"serde_core",
"serde_derive",
]
[[package]]
name = "serde_core"
feat: TUI undo op (#5629)
2025-10-27 10:55:29 +00:00
version = "1.0.228"
chore(deps): bump serde_json from 1.0.143 to 1.0.145 in /codex-rs (#3617) Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.143 to 1.0.145. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.145</h2> <ul> <li>Raise serde version requirement to &gt;=1.0.220</li> </ul> <h2>v1.0.144</h2> <ul> <li>Switch serde dependency to serde_core (<a href="https://redirect.github.com/serde-rs/json/issues/1285">#1285</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/json/commit/efa66e3a1d61459ab2d325f92ebe3acbd6ca18b1"><code>efa66e3</code></a> Release 1.0.145</li> <li><a href="https://github.com/serde-rs/json/commit/23679e2b9d7e4dcaef797ca7c51a4ffb6fce9f36"><code>23679e2</code></a> Add serde version constraint</li> <li><a href="https://github.com/serde-rs/json/commit/fc27bafbf740abc5e5733ec1dd2b5ae25695f895"><code>fc27baf</code></a> Release 1.0.144</li> <li><a href="https://github.com/serde-rs/json/commit/caef3c6ea69e126d18ee8b43dcc2c89d81207815"><code>caef3c6</code></a> Ignore uninlined_format_args pedantic clippy lint</li> <li><a href="https://github.com/serde-rs/json/commit/81ba3aaaff5c3736dd8b762dd1a0cf992bf60593"><code>81ba3aa</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1285">#1285</a> from dtolnay/serdecore</li> <li><a href="https://github.com/serde-rs/json/commit/d21e8ce7a7cc0bab2d53293de42b6343ef1d9144"><code>d21e8ce</code></a> Switch serde dependency to serde_core</li> <li><a href="https://github.com/serde-rs/json/commit/6beb6cd596a00f8838dc0cfc8876ed8fd065896f"><code>6beb6cd</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1286">#1286</a> from dtolnay/up</li> <li><a href="https://github.com/serde-rs/json/commit/1dbc803749213eca37080cc7f29f5aee3ac18941"><code>1dbc803</code></a> Raise required compiler to Rust 1.61</li> <li><a href="https://github.com/serde-rs/json/commit/0bf5d87003aebbbb2b46c96e668283215971d98d"><code>0bf5d87</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/serde-rs/json/commit/d12e943590208da738c092db92c34b39796a2538"><code>d12e943</code></a> Update actions/checkout@v4 -&gt; v5</li> <li>See full diff in <a href="https://github.com/serde-rs/json/compare/v1.0.143...v1.0.145">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.143&new-version=1.0.145)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 11:58:57 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
feat: TUI undo op (#5629)
2025-10-27 10:55:29 +00:00
checksum = "41d385c7d4ca58e59fc732af25c3983b67ac852c1a25000afe1175de458b67ad"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"serde_derive",
]
[[package]]
name = "serde_derive"
feat: TUI undo op (#5629)
2025-10-27 10:55:29 +00:00
version = "1.0.228"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
feat: TUI undo op (#5629)
2025-10-27 10:55:29 +00:00
checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
feat: make Codex available as a tool when running it as an MCP server (#811) This PR replaces the placeholder `"echo"` tool call in the MCP server with a `"codex"` tool that calls Codex. Events such as `ExecApprovalRequest` and `ApplyPatchApprovalRequest` are not handled properly yet, but I have `approval_policy = "never"` set in my `~/.codex/config.toml` such that those codepaths are not exercised. The schema for this MPC tool is defined by a new `CodexToolCallParam` struct introduced in this PR. It is fairly similar to `ConfigOverrides`, as the param is used to help create the `Config` used to start the Codex session, though it also includes the `prompt` used to kick off the session. This PR also introduces the use of the third-party `schemars` crate to generate the JSON schema, which is verified in the `verify_codex_tool_json_schema()` unit test. Events that are dispatched during the Codex session are sent back to the MCP client as MCP notifications. This gives the client a way to monitor progress as the tool call itself may take minutes to complete depending on the complexity of the task requested by the user. In the video below, I launched the server via: ```shell mcp-server$ RUST_LOG=debug npx @modelcontextprotocol/inspector cargo run -- ``` In the video, you can see the flow of: * requesting the list of tools * choosing the **codex** tool * entering a value for **prompt** and then making the tool call Note that I left the other fields blank because when unspecified, the values in my `~/.codex/config.toml` were used: https://github.com/user-attachments/assets/1975058c-b004-43ef-8c8d-800a953b8192 Note that while using the inspector, I did run into https://github.com/modelcontextprotocol/inspector/issues/293, though the tip about ensuring I had only one instance of the **MCP Inspector** tab open in my browser seemed to fix things.
2025-05-05 07:16:19 -07:00
[[package]]
name = "serde_derive_internals"
version = "0.29.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "18d26a20a969b9e3fdf2fc2d9f21eda6c40e2de84c9408bb5d3b05d499aae711"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: make Codex available as a tool when running it as an MCP server (#811) This PR replaces the placeholder `"echo"` tool call in the MCP server with a `"codex"` tool that calls Codex. Events such as `ExecApprovalRequest` and `ApplyPatchApprovalRequest` are not handled properly yet, but I have `approval_policy = "never"` set in my `~/.codex/config.toml` such that those codepaths are not exercised. The schema for this MPC tool is defined by a new `CodexToolCallParam` struct introduced in this PR. It is fairly similar to `ConfigOverrides`, as the param is used to help create the `Config` used to start the Codex session, though it also includes the `prompt` used to kick off the session. This PR also introduces the use of the third-party `schemars` crate to generate the JSON schema, which is verified in the `verify_codex_tool_json_schema()` unit test. Events that are dispatched during the Codex session are sent back to the MCP client as MCP notifications. This gives the client a way to monitor progress as the tool call itself may take minutes to complete depending on the complexity of the task requested by the user. In the video below, I launched the server via: ```shell mcp-server$ RUST_LOG=debug npx @modelcontextprotocol/inspector cargo run -- ``` In the video, you can see the flow of: * requesting the list of tools * choosing the **codex** tool * entering a value for **prompt** and then making the tool call Note that I left the other fields blank because when unspecified, the values in my `~/.codex/config.toml` were used: https://github.com/user-attachments/assets/1975058c-b004-43ef-8c8d-800a953b8192 Note that while using the inspector, I did run into https://github.com/modelcontextprotocol/inspector/issues/293, though the tip about ensuring I had only one instance of the **MCP Inspector** tab open in my browser seemed to fix things.
2025-05-05 07:16:19 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "serde_json"
chore(deps): bump serde_json from 1.0.143 to 1.0.145 in /codex-rs (#3617) Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.143 to 1.0.145. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.145</h2> <ul> <li>Raise serde version requirement to &gt;=1.0.220</li> </ul> <h2>v1.0.144</h2> <ul> <li>Switch serde dependency to serde_core (<a href="https://redirect.github.com/serde-rs/json/issues/1285">#1285</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/json/commit/efa66e3a1d61459ab2d325f92ebe3acbd6ca18b1"><code>efa66e3</code></a> Release 1.0.145</li> <li><a href="https://github.com/serde-rs/json/commit/23679e2b9d7e4dcaef797ca7c51a4ffb6fce9f36"><code>23679e2</code></a> Add serde version constraint</li> <li><a href="https://github.com/serde-rs/json/commit/fc27bafbf740abc5e5733ec1dd2b5ae25695f895"><code>fc27baf</code></a> Release 1.0.144</li> <li><a href="https://github.com/serde-rs/json/commit/caef3c6ea69e126d18ee8b43dcc2c89d81207815"><code>caef3c6</code></a> Ignore uninlined_format_args pedantic clippy lint</li> <li><a href="https://github.com/serde-rs/json/commit/81ba3aaaff5c3736dd8b762dd1a0cf992bf60593"><code>81ba3aa</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1285">#1285</a> from dtolnay/serdecore</li> <li><a href="https://github.com/serde-rs/json/commit/d21e8ce7a7cc0bab2d53293de42b6343ef1d9144"><code>d21e8ce</code></a> Switch serde dependency to serde_core</li> <li><a href="https://github.com/serde-rs/json/commit/6beb6cd596a00f8838dc0cfc8876ed8fd065896f"><code>6beb6cd</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1286">#1286</a> from dtolnay/up</li> <li><a href="https://github.com/serde-rs/json/commit/1dbc803749213eca37080cc7f29f5aee3ac18941"><code>1dbc803</code></a> Raise required compiler to Rust 1.61</li> <li><a href="https://github.com/serde-rs/json/commit/0bf5d87003aebbbb2b46c96e668283215971d98d"><code>0bf5d87</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/serde-rs/json/commit/d12e943590208da738c092db92c34b39796a2538"><code>d12e943</code></a> Update actions/checkout@v4 -&gt; v5</li> <li>See full diff in <a href="https://github.com/serde-rs/json/compare/v1.0.143...v1.0.145">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.143&new-version=1.0.145)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 11:58:57 -07:00
version = "1.0.145"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump serde_json from 1.0.143 to 1.0.145 in /codex-rs (#3617) Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.143 to 1.0.145. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.145</h2> <ul> <li>Raise serde version requirement to &gt;=1.0.220</li> </ul> <h2>v1.0.144</h2> <ul> <li>Switch serde dependency to serde_core (<a href="https://redirect.github.com/serde-rs/json/issues/1285">#1285</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/json/commit/efa66e3a1d61459ab2d325f92ebe3acbd6ca18b1"><code>efa66e3</code></a> Release 1.0.145</li> <li><a href="https://github.com/serde-rs/json/commit/23679e2b9d7e4dcaef797ca7c51a4ffb6fce9f36"><code>23679e2</code></a> Add serde version constraint</li> <li><a href="https://github.com/serde-rs/json/commit/fc27bafbf740abc5e5733ec1dd2b5ae25695f895"><code>fc27baf</code></a> Release 1.0.144</li> <li><a href="https://github.com/serde-rs/json/commit/caef3c6ea69e126d18ee8b43dcc2c89d81207815"><code>caef3c6</code></a> Ignore uninlined_format_args pedantic clippy lint</li> <li><a href="https://github.com/serde-rs/json/commit/81ba3aaaff5c3736dd8b762dd1a0cf992bf60593"><code>81ba3aa</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1285">#1285</a> from dtolnay/serdecore</li> <li><a href="https://github.com/serde-rs/json/commit/d21e8ce7a7cc0bab2d53293de42b6343ef1d9144"><code>d21e8ce</code></a> Switch serde dependency to serde_core</li> <li><a href="https://github.com/serde-rs/json/commit/6beb6cd596a00f8838dc0cfc8876ed8fd065896f"><code>6beb6cd</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1286">#1286</a> from dtolnay/up</li> <li><a href="https://github.com/serde-rs/json/commit/1dbc803749213eca37080cc7f29f5aee3ac18941"><code>1dbc803</code></a> Raise required compiler to Rust 1.61</li> <li><a href="https://github.com/serde-rs/json/commit/0bf5d87003aebbbb2b46c96e668283215971d98d"><code>0bf5d87</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/serde-rs/json/commit/d12e943590208da738c092db92c34b39796a2538"><code>d12e943</code></a> Update actions/checkout@v4 -&gt; v5</li> <li>See full diff in <a href="https://github.com/serde-rs/json/compare/v1.0.143...v1.0.145">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.143&new-version=1.0.145)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 11:58:57 -07:00
checksum = "402a6f66d8c709116cf22f558eab210f5a50187f702eb4d7e5ef38d9a7f1c79c"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
"indexmap 2.12.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"itoa",
"memchr",
"ryu",
"serde",
chore(deps): bump serde_json from 1.0.143 to 1.0.145 in /codex-rs (#3617) Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.143 to 1.0.145. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.145</h2> <ul> <li>Raise serde version requirement to &gt;=1.0.220</li> </ul> <h2>v1.0.144</h2> <ul> <li>Switch serde dependency to serde_core (<a href="https://redirect.github.com/serde-rs/json/issues/1285">#1285</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/json/commit/efa66e3a1d61459ab2d325f92ebe3acbd6ca18b1"><code>efa66e3</code></a> Release 1.0.145</li> <li><a href="https://github.com/serde-rs/json/commit/23679e2b9d7e4dcaef797ca7c51a4ffb6fce9f36"><code>23679e2</code></a> Add serde version constraint</li> <li><a href="https://github.com/serde-rs/json/commit/fc27bafbf740abc5e5733ec1dd2b5ae25695f895"><code>fc27baf</code></a> Release 1.0.144</li> <li><a href="https://github.com/serde-rs/json/commit/caef3c6ea69e126d18ee8b43dcc2c89d81207815"><code>caef3c6</code></a> Ignore uninlined_format_args pedantic clippy lint</li> <li><a href="https://github.com/serde-rs/json/commit/81ba3aaaff5c3736dd8b762dd1a0cf992bf60593"><code>81ba3aa</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1285">#1285</a> from dtolnay/serdecore</li> <li><a href="https://github.com/serde-rs/json/commit/d21e8ce7a7cc0bab2d53293de42b6343ef1d9144"><code>d21e8ce</code></a> Switch serde dependency to serde_core</li> <li><a href="https://github.com/serde-rs/json/commit/6beb6cd596a00f8838dc0cfc8876ed8fd065896f"><code>6beb6cd</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1286">#1286</a> from dtolnay/up</li> <li><a href="https://github.com/serde-rs/json/commit/1dbc803749213eca37080cc7f29f5aee3ac18941"><code>1dbc803</code></a> Raise required compiler to Rust 1.61</li> <li><a href="https://github.com/serde-rs/json/commit/0bf5d87003aebbbb2b46c96e668283215971d98d"><code>0bf5d87</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/serde-rs/json/commit/d12e943590208da738c092db92c34b39796a2538"><code>d12e943</code></a> Update actions/checkout@v4 -&gt; v5</li> <li>See full diff in <a href="https://github.com/serde-rs/json/compare/v1.0.143...v1.0.145">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.143&new-version=1.0.145)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 11:58:57 -07:00
"serde_core",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "serde_path_to_error"
version = "0.1.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "10a9ff822e371bb5403e391ecd83e182e0e77ba7f6fe0160b795797109d1b457"
dependencies = [
"itoa",
"serde",
"serde_core",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "serde_repr"
version = "0.1.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "175ee3e80ae9982737ca543e96133087cbd9a485eecc3bc4de9c1a37b47ea59c"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "serde_spanned"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.0.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "40734c41988f7306bb04f0ecf60ec0f3f1caa34290e4e8ea471dcd3346483b83"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"serde",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "serde_urlencoded"
version = "0.7.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d3491c14715ca2294c4d6a88f15e84739788c1d030eed8c110436aafdaa2f3fd"
dependencies = [
"form_urlencoded",
"itoa",
"ryu",
"serde",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "serde_with"
chore(deps): bump serde_with from 3.14.0 to 3.16.1 in /codex-rs (#7422) Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.14.0 to 3.16.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jonasbb/serde_with/releases">serde_with's releases</a>.</em></p> <blockquote> <h2>serde_with v3.16.1</h2> <h3>Fixed</h3> <ul> <li>Fix <code>JsonSchemaAs</code> of <code>SetPreventDuplicates</code> and <code>SetLastValueWins</code>. (<a href="https://redirect.github.com/jonasbb/serde_with/issues/906">#906</a>, <a href="https://redirect.github.com/jonasbb/serde_with/issues/907">#907</a>)</li> </ul> <h2>serde_with v3.16.0</h2> <h3>Added</h3> <ul> <li>Added support for <code>smallvec</code> v1 under the <code>smallvec_1</code> feature flag by <a href="https://github.com/isharma228"><code>@​isharma228</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/895">#895</a>)</li> <li>Add <code>JsonSchemaAs</code> implementation for <code>json::JsonString</code> by <a href="https://github.com/yogevm15"><code>@​yogevm15</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/901">#901</a>)</li> </ul> <h2>serde_with v3.15.1</h2> <h3>Fixed</h3> <ul> <li>Fix building of the documentation by updating references to use <code>serde_core</code>.</li> </ul> <h2>serde_with v3.15.0</h2> <h3>Added</h3> <ul> <li> <p>Added error inspection to <code>VecSkipError</code> and <code>MapSkipError</code> by <a href="https://github.com/michelhe"><code>@​michelhe</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/878">#878</a>) This allows interacting with the previously hidden error, for example for logging. Checkout the newly added example to both types.</p> </li> <li> <p>Allow documenting the types generated by <code>serde_conv!</code>. The <code>serde_conv!</code> macro now acceps outer attributes before the optional visibility modifier. This allow adding doc comments in the shape of <code>#[doc = &quot;...&quot;]</code> or any other attributes, such as lint modifiers.</p> <pre lang="rust"><code>serde_conv!( #[doc = &quot;Serialize bools as string&quot;] #[allow(dead_code)] pub BoolAsString, bool, |x: &amp;bool| ::std::string::ToString::to_string(x), |x: ::std::string::String| x.parse() ); </code></pre> </li> <li> <p>Add support for <code>hashbrown</code> v0.16 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/877">#877</a>)</p> <p>This extends the existing support for <code>hashbrown</code> v0.14 and v0.15 to the newly released version.</p> </li> </ul> <h3>Changed</h3> <ul> <li>Bump MSRV to 1.76, since that is required for <code>toml</code> dev-dependency.</li> </ul> <h2>serde_with v3.14.1</h2> <h3>Fixed</h3> <ul> <li>Show macro expansion in the docs.rs generated rustdoc.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonasbb/serde_with/commit/8513323fda11d534cde3e601c7d7073b089a849d"><code>8513323</code></a> Bump version to 3.16.1 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/908">#908</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/5392bbe75ea020264fdb9d5c81290af62c239bc3"><code>5392bbe</code></a> Bump version to 3.16.1</li> <li><a href="https://github.com/jonasbb/serde_with/commit/1e54f1cd38b6c5a0d2765377f46abec16e6972c5"><code>1e54f1c</code></a> Fix duplicate schema set definitions for schemars 0.8, 0.9, and 1.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/907">#907</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/06501806455df8ad09b988d062e9bf1a921d1876"><code>0650180</code></a> Fix duplicate schema set definitions for schemars 0.8, 0.9, and 1.0</li> <li><a href="https://github.com/jonasbb/serde_with/commit/41d1033438be0bf99cbe5c2174f8a8928dbfd188"><code>41d1033</code></a> Fix test conditions for schemars tests to include &quot;hex&quot; feature</li> <li><a href="https://github.com/jonasbb/serde_with/commit/2eed58af053f1e9081c67d9865a619c3c6afd4e3"><code>2eed58a</code></a> Bump the github-actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/jonasbb/serde_with/issues/905">#905</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/ed040f2330a72456708f4f649e7bdbb27f70f00e"><code>ed040f2</code></a> Bump the github-actions group across 1 directory with 2 updates</li> <li><a href="https://github.com/jonasbb/serde_with/commit/fa2129b1b994f527493ee230b7f64cd107719122"><code>fa2129b</code></a> Bump ron from 0.11.0 to 0.12.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/904">#904</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/b55cb9975786db62f0f4704a9a590dcb4ad1966c"><code>b55cb99</code></a> Bump ron from 0.11.0 to 0.12.0</li> <li><a href="https://github.com/jonasbb/serde_with/commit/066b9d4019ffd33408bd6829184c0a90bf559cc2"><code>066b9d4</code></a> Bump version to 3.16.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/903">#903</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jonasbb/serde_with/compare/v3.14.0...v3.16.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_with&package-manager=cargo&previous-version=3.14.0&new-version=3.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:35:32 -08:00
version = "3.16.1"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump serde_with from 3.14.0 to 3.16.1 in /codex-rs (#7422) Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.14.0 to 3.16.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jonasbb/serde_with/releases">serde_with's releases</a>.</em></p> <blockquote> <h2>serde_with v3.16.1</h2> <h3>Fixed</h3> <ul> <li>Fix <code>JsonSchemaAs</code> of <code>SetPreventDuplicates</code> and <code>SetLastValueWins</code>. (<a href="https://redirect.github.com/jonasbb/serde_with/issues/906">#906</a>, <a href="https://redirect.github.com/jonasbb/serde_with/issues/907">#907</a>)</li> </ul> <h2>serde_with v3.16.0</h2> <h3>Added</h3> <ul> <li>Added support for <code>smallvec</code> v1 under the <code>smallvec_1</code> feature flag by <a href="https://github.com/isharma228"><code>@​isharma228</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/895">#895</a>)</li> <li>Add <code>JsonSchemaAs</code> implementation for <code>json::JsonString</code> by <a href="https://github.com/yogevm15"><code>@​yogevm15</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/901">#901</a>)</li> </ul> <h2>serde_with v3.15.1</h2> <h3>Fixed</h3> <ul> <li>Fix building of the documentation by updating references to use <code>serde_core</code>.</li> </ul> <h2>serde_with v3.15.0</h2> <h3>Added</h3> <ul> <li> <p>Added error inspection to <code>VecSkipError</code> and <code>MapSkipError</code> by <a href="https://github.com/michelhe"><code>@​michelhe</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/878">#878</a>) This allows interacting with the previously hidden error, for example for logging. Checkout the newly added example to both types.</p> </li> <li> <p>Allow documenting the types generated by <code>serde_conv!</code>. The <code>serde_conv!</code> macro now acceps outer attributes before the optional visibility modifier. This allow adding doc comments in the shape of <code>#[doc = &quot;...&quot;]</code> or any other attributes, such as lint modifiers.</p> <pre lang="rust"><code>serde_conv!( #[doc = &quot;Serialize bools as string&quot;] #[allow(dead_code)] pub BoolAsString, bool, |x: &amp;bool| ::std::string::ToString::to_string(x), |x: ::std::string::String| x.parse() ); </code></pre> </li> <li> <p>Add support for <code>hashbrown</code> v0.16 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/877">#877</a>)</p> <p>This extends the existing support for <code>hashbrown</code> v0.14 and v0.15 to the newly released version.</p> </li> </ul> <h3>Changed</h3> <ul> <li>Bump MSRV to 1.76, since that is required for <code>toml</code> dev-dependency.</li> </ul> <h2>serde_with v3.14.1</h2> <h3>Fixed</h3> <ul> <li>Show macro expansion in the docs.rs generated rustdoc.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonasbb/serde_with/commit/8513323fda11d534cde3e601c7d7073b089a849d"><code>8513323</code></a> Bump version to 3.16.1 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/908">#908</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/5392bbe75ea020264fdb9d5c81290af62c239bc3"><code>5392bbe</code></a> Bump version to 3.16.1</li> <li><a href="https://github.com/jonasbb/serde_with/commit/1e54f1cd38b6c5a0d2765377f46abec16e6972c5"><code>1e54f1c</code></a> Fix duplicate schema set definitions for schemars 0.8, 0.9, and 1.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/907">#907</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/06501806455df8ad09b988d062e9bf1a921d1876"><code>0650180</code></a> Fix duplicate schema set definitions for schemars 0.8, 0.9, and 1.0</li> <li><a href="https://github.com/jonasbb/serde_with/commit/41d1033438be0bf99cbe5c2174f8a8928dbfd188"><code>41d1033</code></a> Fix test conditions for schemars tests to include &quot;hex&quot; feature</li> <li><a href="https://github.com/jonasbb/serde_with/commit/2eed58af053f1e9081c67d9865a619c3c6afd4e3"><code>2eed58a</code></a> Bump the github-actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/jonasbb/serde_with/issues/905">#905</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/ed040f2330a72456708f4f649e7bdbb27f70f00e"><code>ed040f2</code></a> Bump the github-actions group across 1 directory with 2 updates</li> <li><a href="https://github.com/jonasbb/serde_with/commit/fa2129b1b994f527493ee230b7f64cd107719122"><code>fa2129b</code></a> Bump ron from 0.11.0 to 0.12.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/904">#904</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/b55cb9975786db62f0f4704a9a590dcb4ad1966c"><code>b55cb99</code></a> Bump ron from 0.11.0 to 0.12.0</li> <li><a href="https://github.com/jonasbb/serde_with/commit/066b9d4019ffd33408bd6829184c0a90bf559cc2"><code>066b9d4</code></a> Bump version to 3.16.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/903">#903</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jonasbb/serde_with/compare/v3.14.0...v3.16.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_with&package-manager=cargo&previous-version=3.14.0&new-version=3.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:35:32 -08:00
checksum = "4fa237f2807440d238e0364a218270b98f767a00d3dada77b1c53ae88940e2e7"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
dependencies = [
feat: Run cargo shear during CI (#3338) Run cargo shear as part of the CI to ensure no unused dependencies
2025-09-08 18:05:08 -07:00
"base64",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"chrono",
"hex",
"indexmap 1.9.3",
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
"indexmap 2.12.0",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"schemars 0.9.0",
"schemars 1.0.4",
chore(deps): bump serde_with from 3.14.0 to 3.16.1 in /codex-rs (#7422) Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.14.0 to 3.16.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jonasbb/serde_with/releases">serde_with's releases</a>.</em></p> <blockquote> <h2>serde_with v3.16.1</h2> <h3>Fixed</h3> <ul> <li>Fix <code>JsonSchemaAs</code> of <code>SetPreventDuplicates</code> and <code>SetLastValueWins</code>. (<a href="https://redirect.github.com/jonasbb/serde_with/issues/906">#906</a>, <a href="https://redirect.github.com/jonasbb/serde_with/issues/907">#907</a>)</li> </ul> <h2>serde_with v3.16.0</h2> <h3>Added</h3> <ul> <li>Added support for <code>smallvec</code> v1 under the <code>smallvec_1</code> feature flag by <a href="https://github.com/isharma228"><code>@​isharma228</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/895">#895</a>)</li> <li>Add <code>JsonSchemaAs</code> implementation for <code>json::JsonString</code> by <a href="https://github.com/yogevm15"><code>@​yogevm15</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/901">#901</a>)</li> </ul> <h2>serde_with v3.15.1</h2> <h3>Fixed</h3> <ul> <li>Fix building of the documentation by updating references to use <code>serde_core</code>.</li> </ul> <h2>serde_with v3.15.0</h2> <h3>Added</h3> <ul> <li> <p>Added error inspection to <code>VecSkipError</code> and <code>MapSkipError</code> by <a href="https://github.com/michelhe"><code>@​michelhe</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/878">#878</a>) This allows interacting with the previously hidden error, for example for logging. Checkout the newly added example to both types.</p> </li> <li> <p>Allow documenting the types generated by <code>serde_conv!</code>. The <code>serde_conv!</code> macro now acceps outer attributes before the optional visibility modifier. This allow adding doc comments in the shape of <code>#[doc = &quot;...&quot;]</code> or any other attributes, such as lint modifiers.</p> <pre lang="rust"><code>serde_conv!( #[doc = &quot;Serialize bools as string&quot;] #[allow(dead_code)] pub BoolAsString, bool, |x: &amp;bool| ::std::string::ToString::to_string(x), |x: ::std::string::String| x.parse() ); </code></pre> </li> <li> <p>Add support for <code>hashbrown</code> v0.16 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/877">#877</a>)</p> <p>This extends the existing support for <code>hashbrown</code> v0.14 and v0.15 to the newly released version.</p> </li> </ul> <h3>Changed</h3> <ul> <li>Bump MSRV to 1.76, since that is required for <code>toml</code> dev-dependency.</li> </ul> <h2>serde_with v3.14.1</h2> <h3>Fixed</h3> <ul> <li>Show macro expansion in the docs.rs generated rustdoc.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonasbb/serde_with/commit/8513323fda11d534cde3e601c7d7073b089a849d"><code>8513323</code></a> Bump version to 3.16.1 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/908">#908</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/5392bbe75ea020264fdb9d5c81290af62c239bc3"><code>5392bbe</code></a> Bump version to 3.16.1</li> <li><a href="https://github.com/jonasbb/serde_with/commit/1e54f1cd38b6c5a0d2765377f46abec16e6972c5"><code>1e54f1c</code></a> Fix duplicate schema set definitions for schemars 0.8, 0.9, and 1.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/907">#907</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/06501806455df8ad09b988d062e9bf1a921d1876"><code>0650180</code></a> Fix duplicate schema set definitions for schemars 0.8, 0.9, and 1.0</li> <li><a href="https://github.com/jonasbb/serde_with/commit/41d1033438be0bf99cbe5c2174f8a8928dbfd188"><code>41d1033</code></a> Fix test conditions for schemars tests to include &quot;hex&quot; feature</li> <li><a href="https://github.com/jonasbb/serde_with/commit/2eed58af053f1e9081c67d9865a619c3c6afd4e3"><code>2eed58a</code></a> Bump the github-actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/jonasbb/serde_with/issues/905">#905</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/ed040f2330a72456708f4f649e7bdbb27f70f00e"><code>ed040f2</code></a> Bump the github-actions group across 1 directory with 2 updates</li> <li><a href="https://github.com/jonasbb/serde_with/commit/fa2129b1b994f527493ee230b7f64cd107719122"><code>fa2129b</code></a> Bump ron from 0.11.0 to 0.12.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/904">#904</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/b55cb9975786db62f0f4704a9a590dcb4ad1966c"><code>b55cb99</code></a> Bump ron from 0.11.0 to 0.12.0</li> <li><a href="https://github.com/jonasbb/serde_with/commit/066b9d4019ffd33408bd6829184c0a90bf559cc2"><code>066b9d4</code></a> Bump version to 3.16.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/903">#903</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jonasbb/serde_with/compare/v3.14.0...v3.16.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_with&package-manager=cargo&previous-version=3.14.0&new-version=3.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:35:32 -08:00
"serde_core",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"serde_json",
"serde_with_macros",
"time",
]
[[package]]
name = "serde_with_macros"
chore(deps): bump serde_with from 3.14.0 to 3.16.1 in /codex-rs (#7422) Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.14.0 to 3.16.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jonasbb/serde_with/releases">serde_with's releases</a>.</em></p> <blockquote> <h2>serde_with v3.16.1</h2> <h3>Fixed</h3> <ul> <li>Fix <code>JsonSchemaAs</code> of <code>SetPreventDuplicates</code> and <code>SetLastValueWins</code>. (<a href="https://redirect.github.com/jonasbb/serde_with/issues/906">#906</a>, <a href="https://redirect.github.com/jonasbb/serde_with/issues/907">#907</a>)</li> </ul> <h2>serde_with v3.16.0</h2> <h3>Added</h3> <ul> <li>Added support for <code>smallvec</code> v1 under the <code>smallvec_1</code> feature flag by <a href="https://github.com/isharma228"><code>@​isharma228</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/895">#895</a>)</li> <li>Add <code>JsonSchemaAs</code> implementation for <code>json::JsonString</code> by <a href="https://github.com/yogevm15"><code>@​yogevm15</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/901">#901</a>)</li> </ul> <h2>serde_with v3.15.1</h2> <h3>Fixed</h3> <ul> <li>Fix building of the documentation by updating references to use <code>serde_core</code>.</li> </ul> <h2>serde_with v3.15.0</h2> <h3>Added</h3> <ul> <li> <p>Added error inspection to <code>VecSkipError</code> and <code>MapSkipError</code> by <a href="https://github.com/michelhe"><code>@​michelhe</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/878">#878</a>) This allows interacting with the previously hidden error, for example for logging. Checkout the newly added example to both types.</p> </li> <li> <p>Allow documenting the types generated by <code>serde_conv!</code>. The <code>serde_conv!</code> macro now acceps outer attributes before the optional visibility modifier. This allow adding doc comments in the shape of <code>#[doc = &quot;...&quot;]</code> or any other attributes, such as lint modifiers.</p> <pre lang="rust"><code>serde_conv!( #[doc = &quot;Serialize bools as string&quot;] #[allow(dead_code)] pub BoolAsString, bool, |x: &amp;bool| ::std::string::ToString::to_string(x), |x: ::std::string::String| x.parse() ); </code></pre> </li> <li> <p>Add support for <code>hashbrown</code> v0.16 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/877">#877</a>)</p> <p>This extends the existing support for <code>hashbrown</code> v0.14 and v0.15 to the newly released version.</p> </li> </ul> <h3>Changed</h3> <ul> <li>Bump MSRV to 1.76, since that is required for <code>toml</code> dev-dependency.</li> </ul> <h2>serde_with v3.14.1</h2> <h3>Fixed</h3> <ul> <li>Show macro expansion in the docs.rs generated rustdoc.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonasbb/serde_with/commit/8513323fda11d534cde3e601c7d7073b089a849d"><code>8513323</code></a> Bump version to 3.16.1 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/908">#908</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/5392bbe75ea020264fdb9d5c81290af62c239bc3"><code>5392bbe</code></a> Bump version to 3.16.1</li> <li><a href="https://github.com/jonasbb/serde_with/commit/1e54f1cd38b6c5a0d2765377f46abec16e6972c5"><code>1e54f1c</code></a> Fix duplicate schema set definitions for schemars 0.8, 0.9, and 1.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/907">#907</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/06501806455df8ad09b988d062e9bf1a921d1876"><code>0650180</code></a> Fix duplicate schema set definitions for schemars 0.8, 0.9, and 1.0</li> <li><a href="https://github.com/jonasbb/serde_with/commit/41d1033438be0bf99cbe5c2174f8a8928dbfd188"><code>41d1033</code></a> Fix test conditions for schemars tests to include &quot;hex&quot; feature</li> <li><a href="https://github.com/jonasbb/serde_with/commit/2eed58af053f1e9081c67d9865a619c3c6afd4e3"><code>2eed58a</code></a> Bump the github-actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/jonasbb/serde_with/issues/905">#905</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/ed040f2330a72456708f4f649e7bdbb27f70f00e"><code>ed040f2</code></a> Bump the github-actions group across 1 directory with 2 updates</li> <li><a href="https://github.com/jonasbb/serde_with/commit/fa2129b1b994f527493ee230b7f64cd107719122"><code>fa2129b</code></a> Bump ron from 0.11.0 to 0.12.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/904">#904</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/b55cb9975786db62f0f4704a9a590dcb4ad1966c"><code>b55cb99</code></a> Bump ron from 0.11.0 to 0.12.0</li> <li><a href="https://github.com/jonasbb/serde_with/commit/066b9d4019ffd33408bd6829184c0a90bf559cc2"><code>066b9d4</code></a> Bump version to 3.16.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/903">#903</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jonasbb/serde_with/compare/v3.14.0...v3.16.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_with&package-manager=cargo&previous-version=3.14.0&new-version=3.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:35:32 -08:00
version = "3.16.1"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump serde_with from 3.14.0 to 3.16.1 in /codex-rs (#7422) Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.14.0 to 3.16.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jonasbb/serde_with/releases">serde_with's releases</a>.</em></p> <blockquote> <h2>serde_with v3.16.1</h2> <h3>Fixed</h3> <ul> <li>Fix <code>JsonSchemaAs</code> of <code>SetPreventDuplicates</code> and <code>SetLastValueWins</code>. (<a href="https://redirect.github.com/jonasbb/serde_with/issues/906">#906</a>, <a href="https://redirect.github.com/jonasbb/serde_with/issues/907">#907</a>)</li> </ul> <h2>serde_with v3.16.0</h2> <h3>Added</h3> <ul> <li>Added support for <code>smallvec</code> v1 under the <code>smallvec_1</code> feature flag by <a href="https://github.com/isharma228"><code>@​isharma228</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/895">#895</a>)</li> <li>Add <code>JsonSchemaAs</code> implementation for <code>json::JsonString</code> by <a href="https://github.com/yogevm15"><code>@​yogevm15</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/901">#901</a>)</li> </ul> <h2>serde_with v3.15.1</h2> <h3>Fixed</h3> <ul> <li>Fix building of the documentation by updating references to use <code>serde_core</code>.</li> </ul> <h2>serde_with v3.15.0</h2> <h3>Added</h3> <ul> <li> <p>Added error inspection to <code>VecSkipError</code> and <code>MapSkipError</code> by <a href="https://github.com/michelhe"><code>@​michelhe</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/878">#878</a>) This allows interacting with the previously hidden error, for example for logging. Checkout the newly added example to both types.</p> </li> <li> <p>Allow documenting the types generated by <code>serde_conv!</code>. The <code>serde_conv!</code> macro now acceps outer attributes before the optional visibility modifier. This allow adding doc comments in the shape of <code>#[doc = &quot;...&quot;]</code> or any other attributes, such as lint modifiers.</p> <pre lang="rust"><code>serde_conv!( #[doc = &quot;Serialize bools as string&quot;] #[allow(dead_code)] pub BoolAsString, bool, |x: &amp;bool| ::std::string::ToString::to_string(x), |x: ::std::string::String| x.parse() ); </code></pre> </li> <li> <p>Add support for <code>hashbrown</code> v0.16 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/877">#877</a>)</p> <p>This extends the existing support for <code>hashbrown</code> v0.14 and v0.15 to the newly released version.</p> </li> </ul> <h3>Changed</h3> <ul> <li>Bump MSRV to 1.76, since that is required for <code>toml</code> dev-dependency.</li> </ul> <h2>serde_with v3.14.1</h2> <h3>Fixed</h3> <ul> <li>Show macro expansion in the docs.rs generated rustdoc.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonasbb/serde_with/commit/8513323fda11d534cde3e601c7d7073b089a849d"><code>8513323</code></a> Bump version to 3.16.1 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/908">#908</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/5392bbe75ea020264fdb9d5c81290af62c239bc3"><code>5392bbe</code></a> Bump version to 3.16.1</li> <li><a href="https://github.com/jonasbb/serde_with/commit/1e54f1cd38b6c5a0d2765377f46abec16e6972c5"><code>1e54f1c</code></a> Fix duplicate schema set definitions for schemars 0.8, 0.9, and 1.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/907">#907</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/06501806455df8ad09b988d062e9bf1a921d1876"><code>0650180</code></a> Fix duplicate schema set definitions for schemars 0.8, 0.9, and 1.0</li> <li><a href="https://github.com/jonasbb/serde_with/commit/41d1033438be0bf99cbe5c2174f8a8928dbfd188"><code>41d1033</code></a> Fix test conditions for schemars tests to include &quot;hex&quot; feature</li> <li><a href="https://github.com/jonasbb/serde_with/commit/2eed58af053f1e9081c67d9865a619c3c6afd4e3"><code>2eed58a</code></a> Bump the github-actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/jonasbb/serde_with/issues/905">#905</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/ed040f2330a72456708f4f649e7bdbb27f70f00e"><code>ed040f2</code></a> Bump the github-actions group across 1 directory with 2 updates</li> <li><a href="https://github.com/jonasbb/serde_with/commit/fa2129b1b994f527493ee230b7f64cd107719122"><code>fa2129b</code></a> Bump ron from 0.11.0 to 0.12.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/904">#904</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/b55cb9975786db62f0f4704a9a590dcb4ad1966c"><code>b55cb99</code></a> Bump ron from 0.11.0 to 0.12.0</li> <li><a href="https://github.com/jonasbb/serde_with/commit/066b9d4019ffd33408bd6829184c0a90bf559cc2"><code>066b9d4</code></a> Bump version to 3.16.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/903">#903</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jonasbb/serde_with/compare/v3.14.0...v3.16.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_with&package-manager=cargo&previous-version=3.14.0&new-version=3.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:35:32 -08:00
checksum = "52a8e3ca0ca629121f70ab50f95249e5a6f925cc0f6ffe8256c45b728875706c"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
dependencies = [
chore(deps): bump serde_with from 3.14.0 to 3.16.1 in /codex-rs (#7422) Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.14.0 to 3.16.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jonasbb/serde_with/releases">serde_with's releases</a>.</em></p> <blockquote> <h2>serde_with v3.16.1</h2> <h3>Fixed</h3> <ul> <li>Fix <code>JsonSchemaAs</code> of <code>SetPreventDuplicates</code> and <code>SetLastValueWins</code>. (<a href="https://redirect.github.com/jonasbb/serde_with/issues/906">#906</a>, <a href="https://redirect.github.com/jonasbb/serde_with/issues/907">#907</a>)</li> </ul> <h2>serde_with v3.16.0</h2> <h3>Added</h3> <ul> <li>Added support for <code>smallvec</code> v1 under the <code>smallvec_1</code> feature flag by <a href="https://github.com/isharma228"><code>@​isharma228</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/895">#895</a>)</li> <li>Add <code>JsonSchemaAs</code> implementation for <code>json::JsonString</code> by <a href="https://github.com/yogevm15"><code>@​yogevm15</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/901">#901</a>)</li> </ul> <h2>serde_with v3.15.1</h2> <h3>Fixed</h3> <ul> <li>Fix building of the documentation by updating references to use <code>serde_core</code>.</li> </ul> <h2>serde_with v3.15.0</h2> <h3>Added</h3> <ul> <li> <p>Added error inspection to <code>VecSkipError</code> and <code>MapSkipError</code> by <a href="https://github.com/michelhe"><code>@​michelhe</code></a> (<a href="https://redirect.github.com/jonasbb/serde_with/issues/878">#878</a>) This allows interacting with the previously hidden error, for example for logging. Checkout the newly added example to both types.</p> </li> <li> <p>Allow documenting the types generated by <code>serde_conv!</code>. The <code>serde_conv!</code> macro now acceps outer attributes before the optional visibility modifier. This allow adding doc comments in the shape of <code>#[doc = &quot;...&quot;]</code> or any other attributes, such as lint modifiers.</p> <pre lang="rust"><code>serde_conv!( #[doc = &quot;Serialize bools as string&quot;] #[allow(dead_code)] pub BoolAsString, bool, |x: &amp;bool| ::std::string::ToString::to_string(x), |x: ::std::string::String| x.parse() ); </code></pre> </li> <li> <p>Add support for <code>hashbrown</code> v0.16 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/877">#877</a>)</p> <p>This extends the existing support for <code>hashbrown</code> v0.14 and v0.15 to the newly released version.</p> </li> </ul> <h3>Changed</h3> <ul> <li>Bump MSRV to 1.76, since that is required for <code>toml</code> dev-dependency.</li> </ul> <h2>serde_with v3.14.1</h2> <h3>Fixed</h3> <ul> <li>Show macro expansion in the docs.rs generated rustdoc.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jonasbb/serde_with/commit/8513323fda11d534cde3e601c7d7073b089a849d"><code>8513323</code></a> Bump version to 3.16.1 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/908">#908</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/5392bbe75ea020264fdb9d5c81290af62c239bc3"><code>5392bbe</code></a> Bump version to 3.16.1</li> <li><a href="https://github.com/jonasbb/serde_with/commit/1e54f1cd38b6c5a0d2765377f46abec16e6972c5"><code>1e54f1c</code></a> Fix duplicate schema set definitions for schemars 0.8, 0.9, and 1.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/907">#907</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/06501806455df8ad09b988d062e9bf1a921d1876"><code>0650180</code></a> Fix duplicate schema set definitions for schemars 0.8, 0.9, and 1.0</li> <li><a href="https://github.com/jonasbb/serde_with/commit/41d1033438be0bf99cbe5c2174f8a8928dbfd188"><code>41d1033</code></a> Fix test conditions for schemars tests to include &quot;hex&quot; feature</li> <li><a href="https://github.com/jonasbb/serde_with/commit/2eed58af053f1e9081c67d9865a619c3c6afd4e3"><code>2eed58a</code></a> Bump the github-actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/jonasbb/serde_with/issues/905">#905</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/ed040f2330a72456708f4f649e7bdbb27f70f00e"><code>ed040f2</code></a> Bump the github-actions group across 1 directory with 2 updates</li> <li><a href="https://github.com/jonasbb/serde_with/commit/fa2129b1b994f527493ee230b7f64cd107719122"><code>fa2129b</code></a> Bump ron from 0.11.0 to 0.12.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/904">#904</a>)</li> <li><a href="https://github.com/jonasbb/serde_with/commit/b55cb9975786db62f0f4704a9a590dcb4ad1966c"><code>b55cb99</code></a> Bump ron from 0.11.0 to 0.12.0</li> <li><a href="https://github.com/jonasbb/serde_with/commit/066b9d4019ffd33408bd6829184c0a90bf559cc2"><code>066b9d4</code></a> Bump version to 3.16.0 (<a href="https://redirect.github.com/jonasbb/serde_with/issues/903">#903</a>)</li> <li>Additional commits viewable in <a href="https://github.com/jonasbb/serde_with/compare/v3.14.0...v3.16.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_with&package-manager=cargo&previous-version=3.14.0&new-version=3.16.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:35:32 -08:00
"darling 0.21.3",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
feat: experimental support for skills.md (#7412) This change prototypes support for Skills with the CLI. This is an **experimental** feature for internal testing. --------- Co-authored-by: Gav Verma <gverma@openai.com>
2025-12-01 20:22:35 -08:00
[[package]]
name = "serde_yaml"
version = "0.9.34+deprecated"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47"
dependencies = [
"indexmap 2.12.0",
"itoa",
"ryu",
"serde",
"unsafe-libyaml",
]
feat: StreamableShell with exec_command and write_stdin tools (#2574)
2025-08-22 18:10:55 -07:00
[[package]]
name = "serial2"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.2.31"
feat: StreamableShell with exec_command and write_stdin tools (#2574)
2025-08-22 18:10:55 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "26e1e5956803a69ddd72ce2de337b577898801528749565def03515f82bad5bb"
feat: StreamableShell with exec_command and write_stdin tools (#2574)
2025-08-22 18:10:55 -07:00
dependencies = [
"cfg-if",
"libc",
"winapi",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "serial_test"
version = "3.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1b258109f244e1d6891bf1053a55d63a5cd4f8f4c30cf9a1280989f80e7a1fa9"
dependencies = [
"futures",
"log",
"once_cell",
"parking_lot",
"scc",
"serial_test_derive",
]
[[package]]
name = "serial_test_derive"
version = "3.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5d69265a08751de7844521fd15003ae0a888e035773ba05695c5c759a6f89eef"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.104",
]
fix: trim MCP tool names to fit into tool name length limit (#1571) Store fully qualified names along with tool entries so we don't have to re-parse them. Fixes: https://github.com/openai/codex/issues/1289
2025-07-17 11:35:38 -07:00
[[package]]
name = "sha1"
version = "0.10.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba"
dependencies = [
"cfg-if",
"cpufeatures",
"digest",
]
feat: compactor 2 (#6027) Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-10-31 22:27:08 +01:00
[[package]]
name = "sha1_smol"
version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bbfa15b3dddfee50a0fff136974b3e1bde555604ba463834a7eb7deb6417705d"
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "sha2"
version = "0.10.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a7507d819769d01a365ab707794a4084392c824f54a7a6a7862f8c3d0892b283"
dependencies = [
"cfg-if",
"cpufeatures",
"digest",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "sharded-slab"
version = "0.1.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f40ca3c46823713e0d4209592e8d6e826aa57e928f09752619fc696c499637f6"
dependencies = [
"lazy_static",
]
feat: StreamableShell with exec_command and write_stdin tools (#2574)
2025-08-22 18:10:55 -07:00
[[package]]
name = "shared_library"
version = "0.1.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5a9e7e0f2bfae24d8a5b5a66c5b257a83c7412304311512a0c054cd5e619da11"
dependencies = [
"lazy_static",
"libc",
]
[[package]]
name = "shell-words"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "24188a676b6ae68c3b2cb3a01be17fbf7240ce009799bb56d5b1409051e78fde"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "shlex"
version = "1.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0fda2ff0d084019ba4d7c6f371c95d8fd75ce3524c3cb8fb653a3023f6323e64"
[[package]]
name = "signal-hook"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.3.18"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "d881a16cf4426aa584979d30bd82cb33429027e42122b169753d6ef1085ed6e2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"libc",
"signal-hook-registry",
]
[[package]]
name = "signal-hook-mio"
version = "0.2.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34db1a06d485c9142248b7a054f034b349b212551f3dfd19c94d45a754a217cd"
dependencies = [
"libc",
"mio",
"signal-hook",
]
[[package]]
name = "signal-hook-registry"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.4.5"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "9203b8055f63a2a00e2f593bb0510367fe707d7ff1e5c872de2f537b339e5410"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"libc",
]
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "simd-adler32"
version = "0.3.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d66dc143e6b11c1eddc06d5c423cfc97062865baf299914ab64caa38182078fe"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "simdutf8"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e3a9fe34e3e7a50316060351f37187a3f546bce95496156754b601a5fa71b76e"
[[package]]
name = "similar"
version = "2.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bbbb5d9659141646ae647b42fe094daf6c6192d1620870b449d9557f748b2daa"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "siphasher"
version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "56199f7ddabf13fe5074ce809e7d3f42b42ae711800501b5b16ea82ad029c39d"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "slab"
chore(deps): bump slab from 0.4.10 to 0.4.11 in /codex-rs (#3635) Bumps [slab](https://github.com/tokio-rs/slab) from 0.4.10 to 0.4.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/slab/releases">slab's releases</a>.</em></p> <blockquote> <h2>v0.4.11</h2> <ul> <li>Fix <code>Slab::get_disjoint_mut</code> out of bounds (<a href="https://redirect.github.com/tokio-rs/slab/issues/152">#152</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/slab/blob/master/CHANGELOG.md">slab's changelog</a>.</em></p> <blockquote> <h1>0.4.11 (August 8, 2025)</h1> <ul> <li>Fix <code>Slab::get_disjoint_mut</code> out of bounds (<a href="https://redirect.github.com/tokio-rs/slab/issues/152">#152</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/slab/commit/2e5779f8eb318827c78cad38007445a93ec04503"><code>2e5779f</code></a> Release v0.4.11 (<a href="https://redirect.github.com/tokio-rs/slab/issues/153">#153</a>)</li> <li><a href="https://github.com/tokio-rs/slab/commit/2d65c514bc964b192bab212ddf3c1fcea4ae96b8"><code>2d65c51</code></a> Fix get_disjoint_mut error condition (<a href="https://redirect.github.com/tokio-rs/slab/issues/152">#152</a>)</li> <li>See full diff in <a href="https://github.com/tokio-rs/slab/compare/v0.4.10...v0.4.11">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=slab&package-manager=cargo&previous-version=0.4.10&new-version=0.4.11)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openai/codex/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:48:53 -07:00
version = "0.4.11"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump slab from 0.4.10 to 0.4.11 in /codex-rs (#3635) Bumps [slab](https://github.com/tokio-rs/slab) from 0.4.10 to 0.4.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/slab/releases">slab's releases</a>.</em></p> <blockquote> <h2>v0.4.11</h2> <ul> <li>Fix <code>Slab::get_disjoint_mut</code> out of bounds (<a href="https://redirect.github.com/tokio-rs/slab/issues/152">#152</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/slab/blob/master/CHANGELOG.md">slab's changelog</a>.</em></p> <blockquote> <h1>0.4.11 (August 8, 2025)</h1> <ul> <li>Fix <code>Slab::get_disjoint_mut</code> out of bounds (<a href="https://redirect.github.com/tokio-rs/slab/issues/152">#152</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/slab/commit/2e5779f8eb318827c78cad38007445a93ec04503"><code>2e5779f</code></a> Release v0.4.11 (<a href="https://redirect.github.com/tokio-rs/slab/issues/153">#153</a>)</li> <li><a href="https://github.com/tokio-rs/slab/commit/2d65c514bc964b192bab212ddf3c1fcea4ae96b8"><code>2d65c51</code></a> Fix get_disjoint_mut error condition (<a href="https://redirect.github.com/tokio-rs/slab/issues/152">#152</a>)</li> <li>See full diff in <a href="https://github.com/tokio-rs/slab/compare/v0.4.10...v0.4.11">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=slab&package-manager=cargo&previous-version=0.4.10&new-version=0.4.11)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openai/codex/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:48:53 -07:00
checksum = "7a2ae44ef20feb57a68b23d846850f861394c2e02dc425a50098ae8c90267589"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "smallvec"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "1.15.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "67b1b7a3b5fe4f1376887184045fcf45c69e92af734b7aaddc05fb777b6fbd03"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
custom textarea (#1794) This replaces tui-textarea with a custom textarea component. Key differences: 1. wrapped lines 2. better unicode handling 3. uses the native terminal cursor This should perhaps be spun out into its own separate crate at some point, but for now it's convenient to have it in-tree.
2025-08-03 11:31:35 -07:00
[[package]]
name = "smawk"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b7c388c1b5e93756d0c740965c41e8822f866621d41acbdf6336a6a168f8840c"
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
[[package]]
name = "socket2"
version = "0.5.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e22376abed350d73dd1cd119b57ffccad95b4e585a7cda43e286245ce23c0678"
dependencies = [
"libc",
"windows-sys 0.52.0",
]
fix: correctly wrap history items (#1685) The overall idea here is: skip ratatui for writing into scrollback, because its primitives are wrong. We want to render full lines of text, that will be wrapped natively by the terminal, and which we never plan to update using ratatui (so the `Buffer` struct is overhead and in fact an inhibition). Instead, we use ANSI scrolling regions (link reference doc to come). Essentially, we: 1. Define a scrolling region that extends from the top of the prompt area all the way to the top of scrollback 2. Scroll that region up by N < (screen_height - viewport_height) lines, in this PR N=1 3. Put our cursor at the top of the newly empty region 4. Print out our new text like normal The terminal interactions here (write_spans and its dependencies) are mostly extracted from ratatui.
2025-07-28 07:45:49 -07:00
[[package]]
name = "socket2"
chore(deps): bump socket2 from 0.6.0 to 0.6.1 in /codex-rs (#8046) Bumps [socket2](https://github.com/rust-lang/socket2) from 0.6.0 to 0.6.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md">socket2's changelog</a>.</em></p> <blockquote> <h1>0.6.1</h1> <h2>Added</h2> <ul> <li>Added support for Windows Registered I/O (RIO) (<a href="https://redirect.github.com/rust-lang/socket2/pull/604">rust-lang/socket2#604</a>).</li> <li>Added support for <code>TCP_NOTSENT_LOWAT</code> on Linux via <code>Socket::(set_)tcp_notsent_lowat</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/611">rust-lang/socket2#611</a>).</li> <li>Added support for <code>SO_BUSY_POLL</code> on Linux via <code>Socket::set_busy_poll</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/607">rust-lang/socket2#607</a>).</li> <li><code>SockFilter::new</code> is now a const function (<a href="https://redirect.github.com/rust-lang/socket2/pull/609">rust-lang/socket2#609</a>).</li> </ul> <h2>Changed</h2> <ul> <li>Updated the windows-sys dependency to version 0.60 (<a href="https://redirect.github.com/rust-lang/socket2/pull/605">rust-lang/socket2#605</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/socket2/commit/d0ba3d39a6328115a49f470b11be25fd5eba686d"><code>d0ba3d3</code></a> Release v0.6.1</li> <li><a href="https://github.com/rust-lang/socket2/commit/3a8b7edda3d81b849b5f961481154510e718dde7"><code>3a8b7ed</code></a> Add example to create <code>SockAddr</code> from <code>libc::sockaddr_storage</code> (<a href="https://redirect.github.com/rust-lang/socket2/issues/615">#615</a>)</li> <li><a href="https://github.com/rust-lang/socket2/commit/b54e2e6dbf44baee462afb48285d6595e5800381"><code>b54e2e6</code></a> Disable armv7-sony-vita-newlibeabihf CI check</li> <li><a href="https://github.com/rust-lang/socket2/commit/2d4a2f7b3b791118074f5b5ac6f3f92a890ad7b0"><code>2d4a2f7</code></a> Update feature <code>doc_auto_cfg</code> to <code>doc_cfg</code></li> <li><a href="https://github.com/rust-lang/socket2/commit/11aa1029f2ffbc4915d788a85fa739da77599198"><code>11aa102</code></a> Add missing components when installing Rust in CI</li> <li><a href="https://github.com/rust-lang/socket2/commit/528ba2b0dacac88567c2af2e0bf6fd64fe6c4d5c"><code>528ba2b</code></a> Add TCP_NOTSENT_LOWAT socketopt support</li> <li><a href="https://github.com/rust-lang/socket2/commit/1fdd2938c1f3ed81f1a5e0c4ed655146252a3532"><code>1fdd293</code></a> Correct rename in CHANGELOG.md (<a href="https://redirect.github.com/rust-lang/socket2/issues/610">#610</a>)</li> <li><a href="https://github.com/rust-lang/socket2/commit/600ff0d2468bd817179c5eab17dd5a69dddb9250"><code>600ff0d</code></a> Add support for Windows Registered I/O</li> <li><a href="https://github.com/rust-lang/socket2/commit/f0836965a165f357ea3be6f5cc47544130d1bfde"><code>f083696</code></a> Allow <code>SockFilter::new</code> in const contexts</li> <li><a href="https://github.com/rust-lang/socket2/commit/15ade5100c865629518190f4234247c8b6e5b1fd"><code>15ade51</code></a> Refactor for cargo fmt</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/socket2/compare/v0.6.0...v0.6.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket2&package-manager=cargo&previous-version=0.6.0&new-version=0.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:15:58 -08:00
version = "0.6.1"
fix: correctly wrap history items (#1685) The overall idea here is: skip ratatui for writing into scrollback, because its primitives are wrong. We want to render full lines of text, that will be wrapped natively by the terminal, and which we never plan to update using ratatui (so the `Buffer` struct is overhead and in fact an inhibition). Instead, we use ANSI scrolling regions (link reference doc to come). Essentially, we: 1. Define a scrolling region that extends from the top of the prompt area all the way to the top of scrollback 2. Scroll that region up by N < (screen_height - viewport_height) lines, in this PR N=1 3. Put our cursor at the top of the newly empty region 4. Print out our new text like normal The terminal interactions here (write_spans and its dependencies) are mostly extracted from ratatui.
2025-07-28 07:45:49 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump socket2 from 0.6.0 to 0.6.1 in /codex-rs (#8046) Bumps [socket2](https://github.com/rust-lang/socket2) from 0.6.0 to 0.6.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md">socket2's changelog</a>.</em></p> <blockquote> <h1>0.6.1</h1> <h2>Added</h2> <ul> <li>Added support for Windows Registered I/O (RIO) (<a href="https://redirect.github.com/rust-lang/socket2/pull/604">rust-lang/socket2#604</a>).</li> <li>Added support for <code>TCP_NOTSENT_LOWAT</code> on Linux via <code>Socket::(set_)tcp_notsent_lowat</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/611">rust-lang/socket2#611</a>).</li> <li>Added support for <code>SO_BUSY_POLL</code> on Linux via <code>Socket::set_busy_poll</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/607">rust-lang/socket2#607</a>).</li> <li><code>SockFilter::new</code> is now a const function (<a href="https://redirect.github.com/rust-lang/socket2/pull/609">rust-lang/socket2#609</a>).</li> </ul> <h2>Changed</h2> <ul> <li>Updated the windows-sys dependency to version 0.60 (<a href="https://redirect.github.com/rust-lang/socket2/pull/605">rust-lang/socket2#605</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/socket2/commit/d0ba3d39a6328115a49f470b11be25fd5eba686d"><code>d0ba3d3</code></a> Release v0.6.1</li> <li><a href="https://github.com/rust-lang/socket2/commit/3a8b7edda3d81b849b5f961481154510e718dde7"><code>3a8b7ed</code></a> Add example to create <code>SockAddr</code> from <code>libc::sockaddr_storage</code> (<a href="https://redirect.github.com/rust-lang/socket2/issues/615">#615</a>)</li> <li><a href="https://github.com/rust-lang/socket2/commit/b54e2e6dbf44baee462afb48285d6595e5800381"><code>b54e2e6</code></a> Disable armv7-sony-vita-newlibeabihf CI check</li> <li><a href="https://github.com/rust-lang/socket2/commit/2d4a2f7b3b791118074f5b5ac6f3f92a890ad7b0"><code>2d4a2f7</code></a> Update feature <code>doc_auto_cfg</code> to <code>doc_cfg</code></li> <li><a href="https://github.com/rust-lang/socket2/commit/11aa1029f2ffbc4915d788a85fa739da77599198"><code>11aa102</code></a> Add missing components when installing Rust in CI</li> <li><a href="https://github.com/rust-lang/socket2/commit/528ba2b0dacac88567c2af2e0bf6fd64fe6c4d5c"><code>528ba2b</code></a> Add TCP_NOTSENT_LOWAT socketopt support</li> <li><a href="https://github.com/rust-lang/socket2/commit/1fdd2938c1f3ed81f1a5e0c4ed655146252a3532"><code>1fdd293</code></a> Correct rename in CHANGELOG.md (<a href="https://redirect.github.com/rust-lang/socket2/issues/610">#610</a>)</li> <li><a href="https://github.com/rust-lang/socket2/commit/600ff0d2468bd817179c5eab17dd5a69dddb9250"><code>600ff0d</code></a> Add support for Windows Registered I/O</li> <li><a href="https://github.com/rust-lang/socket2/commit/f0836965a165f357ea3be6f5cc47544130d1bfde"><code>f083696</code></a> Allow <code>SockFilter::new</code> in const contexts</li> <li><a href="https://github.com/rust-lang/socket2/commit/15ade5100c865629518190f4234247c8b6e5b1fd"><code>15ade51</code></a> Refactor for cargo fmt</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/socket2/compare/v0.6.0...v0.6.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket2&package-manager=cargo&previous-version=0.6.0&new-version=0.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:15:58 -08:00
checksum = "17129e116933cf371d018bb80ae557e889637989d8638274fb25622827b03881"
fix: correctly wrap history items (#1685) The overall idea here is: skip ratatui for writing into scrollback, because its primitives are wrong. We want to render full lines of text, that will be wrapped natively by the terminal, and which we never plan to update using ratatui (so the `Buffer` struct is overhead and in fact an inhibition). Instead, we use ANSI scrolling regions (link reference doc to come). Essentially, we: 1. Define a scrolling region that extends from the top of the prompt area all the way to the top of scrollback 2. Scroll that region up by N < (screen_height - viewport_height) lines, in this PR N=1 3. Put our cursor at the top of the newly empty region 4. Print out our new text like normal The terminal interactions here (write_spans and its dependencies) are mostly extracted from ratatui.
2025-07-28 07:45:49 -07:00
dependencies = [
"libc",
chore(deps): bump socket2 from 0.6.0 to 0.6.1 in /codex-rs (#8046) Bumps [socket2](https://github.com/rust-lang/socket2) from 0.6.0 to 0.6.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md">socket2's changelog</a>.</em></p> <blockquote> <h1>0.6.1</h1> <h2>Added</h2> <ul> <li>Added support for Windows Registered I/O (RIO) (<a href="https://redirect.github.com/rust-lang/socket2/pull/604">rust-lang/socket2#604</a>).</li> <li>Added support for <code>TCP_NOTSENT_LOWAT</code> on Linux via <code>Socket::(set_)tcp_notsent_lowat</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/611">rust-lang/socket2#611</a>).</li> <li>Added support for <code>SO_BUSY_POLL</code> on Linux via <code>Socket::set_busy_poll</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/607">rust-lang/socket2#607</a>).</li> <li><code>SockFilter::new</code> is now a const function (<a href="https://redirect.github.com/rust-lang/socket2/pull/609">rust-lang/socket2#609</a>).</li> </ul> <h2>Changed</h2> <ul> <li>Updated the windows-sys dependency to version 0.60 (<a href="https://redirect.github.com/rust-lang/socket2/pull/605">rust-lang/socket2#605</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/socket2/commit/d0ba3d39a6328115a49f470b11be25fd5eba686d"><code>d0ba3d3</code></a> Release v0.6.1</li> <li><a href="https://github.com/rust-lang/socket2/commit/3a8b7edda3d81b849b5f961481154510e718dde7"><code>3a8b7ed</code></a> Add example to create <code>SockAddr</code> from <code>libc::sockaddr_storage</code> (<a href="https://redirect.github.com/rust-lang/socket2/issues/615">#615</a>)</li> <li><a href="https://github.com/rust-lang/socket2/commit/b54e2e6dbf44baee462afb48285d6595e5800381"><code>b54e2e6</code></a> Disable armv7-sony-vita-newlibeabihf CI check</li> <li><a href="https://github.com/rust-lang/socket2/commit/2d4a2f7b3b791118074f5b5ac6f3f92a890ad7b0"><code>2d4a2f7</code></a> Update feature <code>doc_auto_cfg</code> to <code>doc_cfg</code></li> <li><a href="https://github.com/rust-lang/socket2/commit/11aa1029f2ffbc4915d788a85fa739da77599198"><code>11aa102</code></a> Add missing components when installing Rust in CI</li> <li><a href="https://github.com/rust-lang/socket2/commit/528ba2b0dacac88567c2af2e0bf6fd64fe6c4d5c"><code>528ba2b</code></a> Add TCP_NOTSENT_LOWAT socketopt support</li> <li><a href="https://github.com/rust-lang/socket2/commit/1fdd2938c1f3ed81f1a5e0c4ed655146252a3532"><code>1fdd293</code></a> Correct rename in CHANGELOG.md (<a href="https://redirect.github.com/rust-lang/socket2/issues/610">#610</a>)</li> <li><a href="https://github.com/rust-lang/socket2/commit/600ff0d2468bd817179c5eab17dd5a69dddb9250"><code>600ff0d</code></a> Add support for Windows Registered I/O</li> <li><a href="https://github.com/rust-lang/socket2/commit/f0836965a165f357ea3be6f5cc47544130d1bfde"><code>f083696</code></a> Allow <code>SockFilter::new</code> in const contexts</li> <li><a href="https://github.com/rust-lang/socket2/commit/15ade5100c865629518190f4234247c8b6e5b1fd"><code>15ade51</code></a> Refactor for cargo fmt</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/socket2/compare/v0.6.0...v0.6.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket2&package-manager=cargo&previous-version=0.6.0&new-version=0.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:15:58 -08:00
"windows-sys 0.60.2",
fix: correctly wrap history items (#1685) The overall idea here is: skip ratatui for writing into scrollback, because its primitives are wrong. We want to render full lines of text, that will be wrapped natively by the terminal, and which we never plan to update using ratatui (so the `Buffer` struct is overhead and in fact an inhibition). Instead, we use ANSI scrolling regions (link reference doc to come). Essentially, we: 1. Define a scrolling region that extends from the top of the prompt area all the way to the top of scrollback 2. Scroll that region up by N < (screen_height - viewport_height) lines, in this PR N=1 3. Put our cursor at the top of the newly empty region 4. Print out our new text like normal The terminal interactions here (write_spans and its dependencies) are mostly extracted from ratatui.
2025-07-28 07:45:49 -07:00
]
[MCP] Add experimental support for streamable HTTP MCP servers (#4317) This PR adds support for streamable HTTP MCP servers when the `experimental_use_rmcp_client` is enabled. To set one up, simply add a new mcp server config with the url: ``` [mcp_servers.figma] url = "http://127.0.0.1:3845/mcp" ``` It also supports an optional `bearer_token` which will be provided in an authorization header. The full oauth flow is not supported yet. The config parsing will throw if it detects that the user mixed and matched config fields (like command + bearer token or url + env). The best way to review it is to review `core/src` and then `rmcp-client/src/rmcp_client.rs` first. The rest is tests and propagating the `Transport` struct around the codebase. Example with the Figma MCP: <img width="5084" height="1614" alt="CleanShot 2025-09-26 at 13 35 40" src="https://github.com/user-attachments/assets/eaf2771e-df3e-4300-816b-184d7dec5a28" />
2025-09-26 18:24:01 -07:00
[[package]]
name = "sse-stream"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "eb4dc4d33c68ec1f27d386b5610a351922656e1fdf5c05bbaad930cd1519479a"
dependencies = [
"bytes",
"futures-util",
"http-body",
"http-body-util",
"pin-project-lite",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "stable_deref_trait"
version = "1.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a8f112729512f8e442d81f95a8a7ddf2b7c6b8a1a6f509a95864142b30cab2d3"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "starlark"
version = "0.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0f53849859f05d9db705b221bd92eede93877fd426c1b4a3c3061403a5912a8f"
dependencies = [
"allocative",
"anyhow",
"bumpalo",
"cmp_any",
"debugserver-types",
"derivative",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"derive_more 1.0.0",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"display_container",
"dupe",
"either",
"erased-serde",
"hashbrown 0.14.5",
"inventory",
"itertools 0.13.0",
"maplit",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"memoffset 0.6.5",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"num-bigint",
"num-traits",
"once_cell",
"paste",
"ref-cast",
"regex",
"rustyline",
"serde",
"serde_json",
"starlark_derive",
"starlark_map",
"starlark_syntax",
"static_assertions",
"strsim 0.10.0",
custom textarea (#1794) This replaces tui-textarea with a custom textarea component. Key differences: 1. wrapped lines 2. better unicode handling 3. uses the native terminal cursor This should perhaps be spun out into its own separate crate at some point, but for now it's convenient to have it in-tree.
2025-08-03 11:31:35 -07:00
"textwrap 0.11.0",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"thiserror 1.0.69",
]
[[package]]
name = "starlark_derive"
version = "0.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fe58bc6c8b7980a1fe4c9f8f48200c3212db42ebfe21ae6a0336385ab53f082a"
dependencies = [
"dupe",
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
]
[[package]]
name = "starlark_map"
version = "0.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "92659970f120df0cc1c0bb220b33587b7a9a90e80d4eecc5c5af5debb950173d"
dependencies = [
"allocative",
"dupe",
"equivalent",
"fxhash",
"hashbrown 0.14.5",
"serde",
]
[[package]]
name = "starlark_syntax"
version = "0.13.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fe53b3690d776aafd7cb6b9fed62d94f83280e3b87d88e3719cc0024638461b3"
dependencies = [
"allocative",
"annotate-snippets",
"anyhow",
"derivative",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"derive_more 1.0.0",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"dupe",
"lalrpop",
"lalrpop-util",
"logos",
"lsp-types",
"memchr",
"num-bigint",
"num-traits",
"once_cell",
"starlark_map",
"thiserror 1.0.69",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "static_assertions"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f"
[[package]]
name = "streaming-iterator"
version = "0.1.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2b2231b7c3057d5e4ad0156fb3dc807d900806020c5ffa3ee6ff2c8c76fb8520"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "string_cache"
version = "0.8.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bf776ba3fa74f83bf4b63c3dcbbf82173db2632ed8452cb2d891d33f459de70f"
dependencies = [
"new_debug_unreachable",
"parking_lot",
"phf_shared",
"precomputed-hash",
]
[[package]]
name = "strsim"
version = "0.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "strsim"
version = "0.11.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7da8b5736845d9f2fcb837ea5d9e2628564b3b043a70948a3f0b778838c5fb4f"
[[package]]
name = "strum"
version = "0.26.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8fec0f0aef304996cf250b31b5a10dee7980c85da9d759361292b8bca5a18f06"
dependencies = [
feat: add support for commands in the Rust TUI (#935) Introduces support for slash commands like in the TypeScript CLI. We do not support the full set of commands yet, but the core abstraction is there now. In particular, we have a `SlashCommand` enum and due to thoughtful use of the [strum](https://crates.io/crates/strum) crate, it requires minimal boilerplate to add a new command to the list. The key new piece of UI is `CommandPopup`, though the keyboard events are still handled by `ChatComposer`. The behavior is roughly as follows: * if the first character in the composer is `/`, the command popup is displayed (if you really want to send a message to Codex that starts with a `/`, simply put a space before the `/`) * while the popup is displayed, up/down can be used to change the selection of the popup * if there is a selection, hitting tab completes the command, but does not send it * if there is a selection, hitting enter sends the command * if the prefix of the composer matches a command, the command will be visible in the popup so the user can see the description (commands could take arguments, so additional text may appear after the command name itself) https://github.com/user-attachments/assets/39c3e6ee-eeb7-4ef7-a911-466d8184975f Incidentally, Codex wrote almost all the code for this PR!
2025-05-14 12:55:49 -07:00
"strum_macros 0.26.4",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
feat: add support for commands in the Rust TUI (#935) Introduces support for slash commands like in the TypeScript CLI. We do not support the full set of commands yet, but the core abstraction is there now. In particular, we have a `SlashCommand` enum and due to thoughtful use of the [strum](https://crates.io/crates/strum) crate, it requires minimal boilerplate to add a new command to the list. The key new piece of UI is `CommandPopup`, though the keyboard events are still handled by `ChatComposer`. The behavior is roughly as follows: * if the first character in the composer is `/`, the command popup is displayed (if you really want to send a message to Codex that starts with a `/`, simply put a space before the `/`) * while the popup is displayed, up/down can be used to change the selection of the popup * if there is a selection, hitting tab completes the command, but does not send it * if there is a selection, hitting enter sends the command * if the prefix of the composer matches a command, the command will be visible in the popup so the user can see the description (commands could take arguments, so additional text may appear after the command name itself) https://github.com/user-attachments/assets/39c3e6ee-eeb7-4ef7-a911-466d8184975f Incidentally, Codex wrote almost all the code for this PR!
2025-05-14 12:55:49 -07:00
[[package]]
name = "strum"
chore(deps): bump strum from 0.27.1 to 0.27.2 in /codex-rs (#1639) Bumps [strum](https://github.com/Peternator7/strum) from 0.27.1 to 0.27.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Peternator7/strum/releases">strum's releases</a>.</em></p> <blockquote> <h2>v0.27.2</h2> <h2>What's Changed</h2> <ul> <li>Adding support for doc comments on <code>EnumDiscriminants</code> generated type… by <a href="https://github.com/linclelinkpart5"><code>@​linclelinkpart5</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/141">Peternator7/strum#141</a></li> <li>Drop needless <code>rustversion</code> dependency by <a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li> <li>Upgrade <code>phf</code> to v0.12 by <a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/448">Peternator7/strum#448</a></li> <li>allow discriminants on empty enum by <a href="https://github.com/crop2000"><code>@​crop2000</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li> <li>Remove broken link to EnumTable docs by <a href="https://github.com/schneems"><code>@​schneems</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li> <li>Change enum table callbacks to FnMut. by <a href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li> <li>Add <code>#[automatically_derived]</code> to the <code>impl</code>s by <a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li> <li>Implement a <code>suffix</code> attribute for serialization of enum variants by <a href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li> <li>Expound upon use_phf docs by <a href="https://github.com/Peternator7"><code>@​Peternator7</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/449">Peternator7/strum#449</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li> <li><a href="https://github.com/crop2000"><code>@​crop2000</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li> <li><a href="https://github.com/schneems"><code>@​schneems</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li> <li><a href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li> <li><a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li> <li><a href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Peternator7/strum/blob/master/CHANGELOG.md">strum's changelog</a>.</em></p> <blockquote> <h2>0.27.2</h2> <ul> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/141">#141</a>: Adding support for doc comments on <code>EnumDiscriminants</code> generated type.</p> <ul> <li>The doc comment will be copied from the variant on the type itself.</li> </ul> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/435">#435</a>:allow discriminants on empty enum.</p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/443">#443</a>: Change enum table callbacks to FnMut.</p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/444">#444</a>: Add <code>#[automatically_derived]</code> to the <code>impl</code>s by <a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></p> <ul> <li>This should make the linter less noisy with warnings in generated code.</li> </ul> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/440">#440</a>: Implement a <code>suffix</code> attribute for serialization of enum variants.</p> <pre lang="rust"><code>#[derive(strum::Display)] #[strum(suffix=&quot;.json&quot;)] #[strum(serialize_all=&quot;snake_case&quot;)] enum StorageConfiguration { PostgresProvider, S3StorageProvider, AzureStorageProvider, } <p>fn main() { let response = SurveyResponse::Other(&quot;It was good&quot;.into()); println!(&quot;Loading configuration from: {}&quot;, StorageConfiguration::PostgresProvider); // prints: Loaded Configuration from: postgres_provider.json } </code></pre></p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/446">#446</a>: Drop needless <code>rustversion</code> dependency.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Peternator7/strum/commit/38f66210e7ca0bb156f3632dcf24a2548959c379"><code>38f6621</code></a> Expound upon use_phf docs (<a href="https://redirect.github.com/Peternator7/strum/issues/449">#449</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/bb1339026b44773e395913340f4e60972fa5e6a1"><code>bb13390</code></a> Implement a <code>suffix</code> attribute for serialization of enum variants (<a href="https://redirect.github.com/Peternator7/strum/issues/440">#440</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/c9e52bfd2865c8c766e0379f9e7bf57621a104e3"><code>c9e52bf</code></a> Add <code>#[automatically_derived]</code> to the <code>impl</code>s (<a href="https://redirect.github.com/Peternator7/strum/issues/444">#444</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/1b00f899e52f43fa35c4d406c901d33b1e9645e2"><code>1b00f89</code></a> Change enum table callbacks to FnMut. (<a href="https://redirect.github.com/Peternator7/strum/issues/443">#443</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/6e2ca25fba8ebdfa403ada6a2bf2f3b15403b2cf"><code>6e2ca25</code></a> Remove broken link to EnumTable docs (<a href="https://redirect.github.com/Peternator7/strum/issues/427">#427</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/95037811412792c9cd70586598aa88d7f514c0ac"><code>9503781</code></a> allow discriminants on empty enum (<a href="https://redirect.github.com/Peternator7/strum/issues/435">#435</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/8553ba2845989337d88a7170f7f0c419945bf156"><code>8553ba2</code></a> Upgrade <code>phf</code> to v0.12 (<a href="https://redirect.github.com/Peternator7/strum/issues/448">#448</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/2eba5c2a5c0b827317bafcb1f545af67b5ce9110"><code>2eba5c2</code></a> Drop needless <code>rustversion</code> dependency (<a href="https://redirect.github.com/Peternator7/strum/issues/446">#446</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/f301b67d9122b271e0531ab7f167c4585cefa484"><code>f301b67</code></a> Merge branch 'linclelinkpart5-master-2'</li> <li><a href="https://github.com/Peternator7/strum/commit/455b2bf859640dc27442b9d38f58ce8da7e3bd6e"><code>455b2bf</code></a> Merge branch 'master' of <a href="https://github.com/linclelinkpart5/strum">https://github.com/linclelinkpart5/strum</a> into lincle...</li> <li>See full diff in <a href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=strum&package-manager=cargo&previous-version=0.27.1&new-version=0.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-23 16:07:33 -07:00
version = "0.27.2"
feat: add support for commands in the Rust TUI (#935) Introduces support for slash commands like in the TypeScript CLI. We do not support the full set of commands yet, but the core abstraction is there now. In particular, we have a `SlashCommand` enum and due to thoughtful use of the [strum](https://crates.io/crates/strum) crate, it requires minimal boilerplate to add a new command to the list. The key new piece of UI is `CommandPopup`, though the keyboard events are still handled by `ChatComposer`. The behavior is roughly as follows: * if the first character in the composer is `/`, the command popup is displayed (if you really want to send a message to Codex that starts with a `/`, simply put a space before the `/`) * while the popup is displayed, up/down can be used to change the selection of the popup * if there is a selection, hitting tab completes the command, but does not send it * if there is a selection, hitting enter sends the command * if the prefix of the composer matches a command, the command will be visible in the popup so the user can see the description (commands could take arguments, so additional text may appear after the command name itself) https://github.com/user-attachments/assets/39c3e6ee-eeb7-4ef7-a911-466d8184975f Incidentally, Codex wrote almost all the code for this PR!
2025-05-14 12:55:49 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump strum from 0.27.1 to 0.27.2 in /codex-rs (#1639) Bumps [strum](https://github.com/Peternator7/strum) from 0.27.1 to 0.27.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Peternator7/strum/releases">strum's releases</a>.</em></p> <blockquote> <h2>v0.27.2</h2> <h2>What's Changed</h2> <ul> <li>Adding support for doc comments on <code>EnumDiscriminants</code> generated type… by <a href="https://github.com/linclelinkpart5"><code>@​linclelinkpart5</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/141">Peternator7/strum#141</a></li> <li>Drop needless <code>rustversion</code> dependency by <a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li> <li>Upgrade <code>phf</code> to v0.12 by <a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/448">Peternator7/strum#448</a></li> <li>allow discriminants on empty enum by <a href="https://github.com/crop2000"><code>@​crop2000</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li> <li>Remove broken link to EnumTable docs by <a href="https://github.com/schneems"><code>@​schneems</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li> <li>Change enum table callbacks to FnMut. by <a href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li> <li>Add <code>#[automatically_derived]</code> to the <code>impl</code>s by <a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li> <li>Implement a <code>suffix</code> attribute for serialization of enum variants by <a href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li> <li>Expound upon use_phf docs by <a href="https://github.com/Peternator7"><code>@​Peternator7</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/449">Peternator7/strum#449</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li> <li><a href="https://github.com/crop2000"><code>@​crop2000</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li> <li><a href="https://github.com/schneems"><code>@​schneems</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li> <li><a href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li> <li><a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li> <li><a href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Peternator7/strum/blob/master/CHANGELOG.md">strum's changelog</a>.</em></p> <blockquote> <h2>0.27.2</h2> <ul> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/141">#141</a>: Adding support for doc comments on <code>EnumDiscriminants</code> generated type.</p> <ul> <li>The doc comment will be copied from the variant on the type itself.</li> </ul> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/435">#435</a>:allow discriminants on empty enum.</p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/443">#443</a>: Change enum table callbacks to FnMut.</p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/444">#444</a>: Add <code>#[automatically_derived]</code> to the <code>impl</code>s by <a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></p> <ul> <li>This should make the linter less noisy with warnings in generated code.</li> </ul> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/440">#440</a>: Implement a <code>suffix</code> attribute for serialization of enum variants.</p> <pre lang="rust"><code>#[derive(strum::Display)] #[strum(suffix=&quot;.json&quot;)] #[strum(serialize_all=&quot;snake_case&quot;)] enum StorageConfiguration { PostgresProvider, S3StorageProvider, AzureStorageProvider, } <p>fn main() { let response = SurveyResponse::Other(&quot;It was good&quot;.into()); println!(&quot;Loading configuration from: {}&quot;, StorageConfiguration::PostgresProvider); // prints: Loaded Configuration from: postgres_provider.json } </code></pre></p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/446">#446</a>: Drop needless <code>rustversion</code> dependency.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Peternator7/strum/commit/38f66210e7ca0bb156f3632dcf24a2548959c379"><code>38f6621</code></a> Expound upon use_phf docs (<a href="https://redirect.github.com/Peternator7/strum/issues/449">#449</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/bb1339026b44773e395913340f4e60972fa5e6a1"><code>bb13390</code></a> Implement a <code>suffix</code> attribute for serialization of enum variants (<a href="https://redirect.github.com/Peternator7/strum/issues/440">#440</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/c9e52bfd2865c8c766e0379f9e7bf57621a104e3"><code>c9e52bf</code></a> Add <code>#[automatically_derived]</code> to the <code>impl</code>s (<a href="https://redirect.github.com/Peternator7/strum/issues/444">#444</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/1b00f899e52f43fa35c4d406c901d33b1e9645e2"><code>1b00f89</code></a> Change enum table callbacks to FnMut. (<a href="https://redirect.github.com/Peternator7/strum/issues/443">#443</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/6e2ca25fba8ebdfa403ada6a2bf2f3b15403b2cf"><code>6e2ca25</code></a> Remove broken link to EnumTable docs (<a href="https://redirect.github.com/Peternator7/strum/issues/427">#427</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/95037811412792c9cd70586598aa88d7f514c0ac"><code>9503781</code></a> allow discriminants on empty enum (<a href="https://redirect.github.com/Peternator7/strum/issues/435">#435</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/8553ba2845989337d88a7170f7f0c419945bf156"><code>8553ba2</code></a> Upgrade <code>phf</code> to v0.12 (<a href="https://redirect.github.com/Peternator7/strum/issues/448">#448</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/2eba5c2a5c0b827317bafcb1f545af67b5ce9110"><code>2eba5c2</code></a> Drop needless <code>rustversion</code> dependency (<a href="https://redirect.github.com/Peternator7/strum/issues/446">#446</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/f301b67d9122b271e0531ab7f167c4585cefa484"><code>f301b67</code></a> Merge branch 'linclelinkpart5-master-2'</li> <li><a href="https://github.com/Peternator7/strum/commit/455b2bf859640dc27442b9d38f58ce8da7e3bd6e"><code>455b2bf</code></a> Merge branch 'master' of <a href="https://github.com/linclelinkpart5/strum">https://github.com/linclelinkpart5/strum</a> into lincle...</li> <li>See full diff in <a href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=strum&package-manager=cargo&previous-version=0.27.1&new-version=0.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-23 16:07:33 -07:00
checksum = "af23d6f6c1a224baef9d3f61e287d2761385a5b88fdab4eb4c6f11aeb54c4bcf"
feat: add support for commands in the Rust TUI (#935) Introduces support for slash commands like in the TypeScript CLI. We do not support the full set of commands yet, but the core abstraction is there now. In particular, we have a `SlashCommand` enum and due to thoughtful use of the [strum](https://crates.io/crates/strum) crate, it requires minimal boilerplate to add a new command to the list. The key new piece of UI is `CommandPopup`, though the keyboard events are still handled by `ChatComposer`. The behavior is roughly as follows: * if the first character in the composer is `/`, the command popup is displayed (if you really want to send a message to Codex that starts with a `/`, simply put a space before the `/`) * while the popup is displayed, up/down can be used to change the selection of the popup * if there is a selection, hitting tab completes the command, but does not send it * if there is a selection, hitting enter sends the command * if the prefix of the composer matches a command, the command will be visible in the popup so the user can see the description (commands could take arguments, so additional text may appear after the command name itself) https://github.com/user-attachments/assets/39c3e6ee-eeb7-4ef7-a911-466d8184975f Incidentally, Codex wrote almost all the code for this PR!
2025-05-14 12:55:49 -07:00
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "strum_macros"
version = "0.26.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4c6bee85a5a24955dc440386795aa378cd9cf82acd5f764469152d2270e581be"
dependencies = [
"heck",
"proc-macro2",
"quote",
"rustversion",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
feat: add support for commands in the Rust TUI (#935) Introduces support for slash commands like in the TypeScript CLI. We do not support the full set of commands yet, but the core abstraction is there now. In particular, we have a `SlashCommand` enum and due to thoughtful use of the [strum](https://crates.io/crates/strum) crate, it requires minimal boilerplate to add a new command to the list. The key new piece of UI is `CommandPopup`, though the keyboard events are still handled by `ChatComposer`. The behavior is roughly as follows: * if the first character in the composer is `/`, the command popup is displayed (if you really want to send a message to Codex that starts with a `/`, simply put a space before the `/`) * while the popup is displayed, up/down can be used to change the selection of the popup * if there is a selection, hitting tab completes the command, but does not send it * if there is a selection, hitting enter sends the command * if the prefix of the composer matches a command, the command will be visible in the popup so the user can see the description (commands could take arguments, so additional text may appear after the command name itself) https://github.com/user-attachments/assets/39c3e6ee-eeb7-4ef7-a911-466d8184975f Incidentally, Codex wrote almost all the code for this PR!
2025-05-14 12:55:49 -07:00
[[package]]
name = "strum_macros"
chore(deps): bump strum_macros from 0.27.1 to 0.27.2 in /codex-rs (#1638) Bumps [strum_macros](https://github.com/Peternator7/strum) from 0.27.1 to 0.27.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Peternator7/strum/releases">strum_macros's releases</a>.</em></p> <blockquote> <h2>v0.27.2</h2> <h2>What's Changed</h2> <ul> <li>Adding support for doc comments on <code>EnumDiscriminants</code> generated type… by <a href="https://github.com/linclelinkpart5"><code>@​linclelinkpart5</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/141">Peternator7/strum#141</a></li> <li>Drop needless <code>rustversion</code> dependency by <a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li> <li>Upgrade <code>phf</code> to v0.12 by <a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/448">Peternator7/strum#448</a></li> <li>allow discriminants on empty enum by <a href="https://github.com/crop2000"><code>@​crop2000</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li> <li>Remove broken link to EnumTable docs by <a href="https://github.com/schneems"><code>@​schneems</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li> <li>Change enum table callbacks to FnMut. by <a href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li> <li>Add <code>#[automatically_derived]</code> to the <code>impl</code>s by <a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li> <li>Implement a <code>suffix</code> attribute for serialization of enum variants by <a href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li> <li>Expound upon use_phf docs by <a href="https://github.com/Peternator7"><code>@​Peternator7</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/449">Peternator7/strum#449</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li> <li><a href="https://github.com/crop2000"><code>@​crop2000</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li> <li><a href="https://github.com/schneems"><code>@​schneems</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li> <li><a href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li> <li><a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li> <li><a href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Peternator7/strum/blob/master/CHANGELOG.md">strum_macros's changelog</a>.</em></p> <blockquote> <h2>0.27.2</h2> <ul> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/141">#141</a>: Adding support for doc comments on <code>EnumDiscriminants</code> generated type.</p> <ul> <li>The doc comment will be copied from the variant on the type itself.</li> </ul> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/435">#435</a>:allow discriminants on empty enum.</p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/443">#443</a>: Change enum table callbacks to FnMut.</p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/444">#444</a>: Add <code>#[automatically_derived]</code> to the <code>impl</code>s by <a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></p> <ul> <li>This should make the linter less noisy with warnings in generated code.</li> </ul> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/440">#440</a>: Implement a <code>suffix</code> attribute for serialization of enum variants.</p> <pre lang="rust"><code>#[derive(strum::Display)] #[strum(suffix=&quot;.json&quot;)] #[strum(serialize_all=&quot;snake_case&quot;)] enum StorageConfiguration { PostgresProvider, S3StorageProvider, AzureStorageProvider, } <p>fn main() { let response = SurveyResponse::Other(&quot;It was good&quot;.into()); println!(&quot;Loading configuration from: {}&quot;, StorageConfiguration::PostgresProvider); // prints: Loaded Configuration from: postgres_provider.json } </code></pre></p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/446">#446</a>: Drop needless <code>rustversion</code> dependency.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Peternator7/strum/commit/38f66210e7ca0bb156f3632dcf24a2548959c379"><code>38f6621</code></a> Expound upon use_phf docs (<a href="https://redirect.github.com/Peternator7/strum/issues/449">#449</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/bb1339026b44773e395913340f4e60972fa5e6a1"><code>bb13390</code></a> Implement a <code>suffix</code> attribute for serialization of enum variants (<a href="https://redirect.github.com/Peternator7/strum/issues/440">#440</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/c9e52bfd2865c8c766e0379f9e7bf57621a104e3"><code>c9e52bf</code></a> Add <code>#[automatically_derived]</code> to the <code>impl</code>s (<a href="https://redirect.github.com/Peternator7/strum/issues/444">#444</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/1b00f899e52f43fa35c4d406c901d33b1e9645e2"><code>1b00f89</code></a> Change enum table callbacks to FnMut. (<a href="https://redirect.github.com/Peternator7/strum/issues/443">#443</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/6e2ca25fba8ebdfa403ada6a2bf2f3b15403b2cf"><code>6e2ca25</code></a> Remove broken link to EnumTable docs (<a href="https://redirect.github.com/Peternator7/strum/issues/427">#427</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/95037811412792c9cd70586598aa88d7f514c0ac"><code>9503781</code></a> allow discriminants on empty enum (<a href="https://redirect.github.com/Peternator7/strum/issues/435">#435</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/8553ba2845989337d88a7170f7f0c419945bf156"><code>8553ba2</code></a> Upgrade <code>phf</code> to v0.12 (<a href="https://redirect.github.com/Peternator7/strum/issues/448">#448</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/2eba5c2a5c0b827317bafcb1f545af67b5ce9110"><code>2eba5c2</code></a> Drop needless <code>rustversion</code> dependency (<a href="https://redirect.github.com/Peternator7/strum/issues/446">#446</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/f301b67d9122b271e0531ab7f167c4585cefa484"><code>f301b67</code></a> Merge branch 'linclelinkpart5-master-2'</li> <li><a href="https://github.com/Peternator7/strum/commit/455b2bf859640dc27442b9d38f58ce8da7e3bd6e"><code>455b2bf</code></a> Merge branch 'master' of <a href="https://github.com/linclelinkpart5/strum">https://github.com/linclelinkpart5/strum</a> into lincle...</li> <li>See full diff in <a href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=strum_macros&package-manager=cargo&previous-version=0.27.1&new-version=0.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-23 16:34:16 -07:00
version = "0.27.2"
feat: add support for commands in the Rust TUI (#935) Introduces support for slash commands like in the TypeScript CLI. We do not support the full set of commands yet, but the core abstraction is there now. In particular, we have a `SlashCommand` enum and due to thoughtful use of the [strum](https://crates.io/crates/strum) crate, it requires minimal boilerplate to add a new command to the list. The key new piece of UI is `CommandPopup`, though the keyboard events are still handled by `ChatComposer`. The behavior is roughly as follows: * if the first character in the composer is `/`, the command popup is displayed (if you really want to send a message to Codex that starts with a `/`, simply put a space before the `/`) * while the popup is displayed, up/down can be used to change the selection of the popup * if there is a selection, hitting tab completes the command, but does not send it * if there is a selection, hitting enter sends the command * if the prefix of the composer matches a command, the command will be visible in the popup so the user can see the description (commands could take arguments, so additional text may appear after the command name itself) https://github.com/user-attachments/assets/39c3e6ee-eeb7-4ef7-a911-466d8184975f Incidentally, Codex wrote almost all the code for this PR!
2025-05-14 12:55:49 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump strum_macros from 0.27.1 to 0.27.2 in /codex-rs (#1638) Bumps [strum_macros](https://github.com/Peternator7/strum) from 0.27.1 to 0.27.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Peternator7/strum/releases">strum_macros's releases</a>.</em></p> <blockquote> <h2>v0.27.2</h2> <h2>What's Changed</h2> <ul> <li>Adding support for doc comments on <code>EnumDiscriminants</code> generated type… by <a href="https://github.com/linclelinkpart5"><code>@​linclelinkpart5</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/141">Peternator7/strum#141</a></li> <li>Drop needless <code>rustversion</code> dependency by <a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li> <li>Upgrade <code>phf</code> to v0.12 by <a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/448">Peternator7/strum#448</a></li> <li>allow discriminants on empty enum by <a href="https://github.com/crop2000"><code>@​crop2000</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li> <li>Remove broken link to EnumTable docs by <a href="https://github.com/schneems"><code>@​schneems</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li> <li>Change enum table callbacks to FnMut. by <a href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li> <li>Add <code>#[automatically_derived]</code> to the <code>impl</code>s by <a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li> <li>Implement a <code>suffix</code> attribute for serialization of enum variants by <a href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li> <li>Expound upon use_phf docs by <a href="https://github.com/Peternator7"><code>@​Peternator7</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/449">Peternator7/strum#449</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/paolobarbolini"><code>@​paolobarbolini</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/446">Peternator7/strum#446</a></li> <li><a href="https://github.com/crop2000"><code>@​crop2000</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/435">Peternator7/strum#435</a></li> <li><a href="https://github.com/schneems"><code>@​schneems</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/427">Peternator7/strum#427</a></li> <li><a href="https://github.com/ClaytonKnittel"><code>@​ClaytonKnittel</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/443">Peternator7/strum#443</a></li> <li><a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></li> <li><a href="https://github.com/amogh-dambal"><code>@​amogh-dambal</code></a> made their first contribution in <a href="https://redirect.github.com/Peternator7/strum/pull/440">Peternator7/strum#440</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Peternator7/strum/blob/master/CHANGELOG.md">strum_macros's changelog</a>.</em></p> <blockquote> <h2>0.27.2</h2> <ul> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/141">#141</a>: Adding support for doc comments on <code>EnumDiscriminants</code> generated type.</p> <ul> <li>The doc comment will be copied from the variant on the type itself.</li> </ul> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/435">#435</a>:allow discriminants on empty enum.</p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/443">#443</a>: Change enum table callbacks to FnMut.</p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/444">#444</a>: Add <code>#[automatically_derived]</code> to the <code>impl</code>s by <a href="https://github.com/dandedotdev"><code>@​dandedotdev</code></a> in <a href="https://redirect.github.com/Peternator7/strum/pull/444">Peternator7/strum#444</a></p> <ul> <li>This should make the linter less noisy with warnings in generated code.</li> </ul> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/440">#440</a>: Implement a <code>suffix</code> attribute for serialization of enum variants.</p> <pre lang="rust"><code>#[derive(strum::Display)] #[strum(suffix=&quot;.json&quot;)] #[strum(serialize_all=&quot;snake_case&quot;)] enum StorageConfiguration { PostgresProvider, S3StorageProvider, AzureStorageProvider, } <p>fn main() { let response = SurveyResponse::Other(&quot;It was good&quot;.into()); println!(&quot;Loading configuration from: {}&quot;, StorageConfiguration::PostgresProvider); // prints: Loaded Configuration from: postgres_provider.json } </code></pre></p> </li> <li> <p><a href="https://redirect.github.com/Peternator7/strum/pull/446">#446</a>: Drop needless <code>rustversion</code> dependency.</p> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Peternator7/strum/commit/38f66210e7ca0bb156f3632dcf24a2548959c379"><code>38f6621</code></a> Expound upon use_phf docs (<a href="https://redirect.github.com/Peternator7/strum/issues/449">#449</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/bb1339026b44773e395913340f4e60972fa5e6a1"><code>bb13390</code></a> Implement a <code>suffix</code> attribute for serialization of enum variants (<a href="https://redirect.github.com/Peternator7/strum/issues/440">#440</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/c9e52bfd2865c8c766e0379f9e7bf57621a104e3"><code>c9e52bf</code></a> Add <code>#[automatically_derived]</code> to the <code>impl</code>s (<a href="https://redirect.github.com/Peternator7/strum/issues/444">#444</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/1b00f899e52f43fa35c4d406c901d33b1e9645e2"><code>1b00f89</code></a> Change enum table callbacks to FnMut. (<a href="https://redirect.github.com/Peternator7/strum/issues/443">#443</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/6e2ca25fba8ebdfa403ada6a2bf2f3b15403b2cf"><code>6e2ca25</code></a> Remove broken link to EnumTable docs (<a href="https://redirect.github.com/Peternator7/strum/issues/427">#427</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/95037811412792c9cd70586598aa88d7f514c0ac"><code>9503781</code></a> allow discriminants on empty enum (<a href="https://redirect.github.com/Peternator7/strum/issues/435">#435</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/8553ba2845989337d88a7170f7f0c419945bf156"><code>8553ba2</code></a> Upgrade <code>phf</code> to v0.12 (<a href="https://redirect.github.com/Peternator7/strum/issues/448">#448</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/2eba5c2a5c0b827317bafcb1f545af67b5ce9110"><code>2eba5c2</code></a> Drop needless <code>rustversion</code> dependency (<a href="https://redirect.github.com/Peternator7/strum/issues/446">#446</a>)</li> <li><a href="https://github.com/Peternator7/strum/commit/f301b67d9122b271e0531ab7f167c4585cefa484"><code>f301b67</code></a> Merge branch 'linclelinkpart5-master-2'</li> <li><a href="https://github.com/Peternator7/strum/commit/455b2bf859640dc27442b9d38f58ce8da7e3bd6e"><code>455b2bf</code></a> Merge branch 'master' of <a href="https://github.com/linclelinkpart5/strum">https://github.com/linclelinkpart5/strum</a> into lincle...</li> <li>See full diff in <a href="https://github.com/Peternator7/strum/compare/v0.27.1...v0.27.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=strum_macros&package-manager=cargo&previous-version=0.27.1&new-version=0.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-23 16:34:16 -07:00
checksum = "7695ce3845ea4b33927c055a39dc438a45b059f7c1b3d91d38d10355fb8cbca7"
feat: add support for commands in the Rust TUI (#935) Introduces support for slash commands like in the TypeScript CLI. We do not support the full set of commands yet, but the core abstraction is there now. In particular, we have a `SlashCommand` enum and due to thoughtful use of the [strum](https://crates.io/crates/strum) crate, it requires minimal boilerplate to add a new command to the list. The key new piece of UI is `CommandPopup`, though the keyboard events are still handled by `ChatComposer`. The behavior is roughly as follows: * if the first character in the composer is `/`, the command popup is displayed (if you really want to send a message to Codex that starts with a `/`, simply put a space before the `/`) * while the popup is displayed, up/down can be used to change the selection of the popup * if there is a selection, hitting tab completes the command, but does not send it * if there is a selection, hitting enter sends the command * if the prefix of the composer matches a command, the command will be visible in the popup so the user can see the description (commands could take arguments, so additional text may appear after the command name itself) https://github.com/user-attachments/assets/39c3e6ee-eeb7-4ef7-a911-466d8184975f Incidentally, Codex wrote almost all the code for this PR!
2025-05-14 12:55:49 -07:00
dependencies = [
"heck",
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: add support for commands in the Rust TUI (#935) Introduces support for slash commands like in the TypeScript CLI. We do not support the full set of commands yet, but the core abstraction is there now. In particular, we have a `SlashCommand` enum and due to thoughtful use of the [strum](https://crates.io/crates/strum) crate, it requires minimal boilerplate to add a new command to the list. The key new piece of UI is `CommandPopup`, though the keyboard events are still handled by `ChatComposer`. The behavior is roughly as follows: * if the first character in the composer is `/`, the command popup is displayed (if you really want to send a message to Codex that starts with a `/`, simply put a space before the `/`) * while the popup is displayed, up/down can be used to change the selection of the popup * if there is a selection, hitting tab completes the command, but does not send it * if there is a selection, hitting enter sends the command * if the prefix of the composer matches a command, the command will be visible in the popup so the user can see the description (commands could take arguments, so additional text may appear after the command name itself) https://github.com/user-attachments/assets/39c3e6ee-eeb7-4ef7-a911-466d8184975f Incidentally, Codex wrote almost all the code for this PR!
2025-05-14 12:55:49 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "subtle"
version = "2.6.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "13c2bddecc57b384dee18652358fb23172facb8a2c51ccc10d74c157bdea3292"
cloud: status, diff, apply (#7614) Adds cli commands for getting the status of cloud tasks, and for getting/applying the diffs from same.
2025-12-05 13:39:23 -08:00
[[package]]
name = "supports-color"
version = "2.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d6398cde53adc3c4557306a96ce67b302968513830a77a95b2b17305d9719a89"
dependencies = [
"is-terminal",
"is_ci",
]
shimmer on working (#1807) change the animation on "working" to be a text shimmer https://github.com/user-attachments/assets/f64529eb-1c64-493a-8d97-0f68b964bdd0
2025-08-03 11:51:33 -07:00
[[package]]
name = "supports-color"
version = "3.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c64fc7232dd8d2e4ac5ce4ef302b1d81e0b80d055b9d77c7c4f51f6aa4c867d6"
dependencies = [
"is_ci",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "syn"
version = "1.0.109"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237"
dependencies = [
"proc-macro2",
"quote",
"unicode-ident",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "syn"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "2.0.104"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "17b6f705963418cdb9927482fa304bc562ece2fdd4f616084c50b7023b435a40"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"proc-macro2",
"quote",
"unicode-ident",
]
[[package]]
name = "sync_wrapper"
version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0bf256ce5efdfa370213c1dabab5935a12e49f2c58d15e9eac2870d3b4f27263"
dependencies = [
"futures-core",
]
[[package]]
name = "synstructure"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.13.2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "728a70f3dbaf5bab7f0c4b1ac8d7ae5ea60a4b5549c8a5914361c99147a709d2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
Format large numbers in a more readable way. (#2046) - In the bottom line of the TUI, print the number of tokens to 3 sigfigs with an SI suffix, e.g. "1.23K". - Elsewhere where we print a number, I figure it's worthwhile to print the exact number, because e.g. it's a summary of your session. Here we print the numbers comma-separated.
2025-09-08 14:48:48 -07:00
[[package]]
name = "sys-locale"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8eab9a99a024a169fe8a903cf9d4a3b3601109bcc13bd9e3c6fff259138626c4"
dependencies = [
"libc",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "system-configuration"
version = "0.6.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3c879d448e9d986b661742763247d3693ed13609438cf3d006f51f5368a5ba6b"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
"core-foundation 0.9.4",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"system-configuration-sys",
]
[[package]]
name = "system-configuration-sys"
version = "0.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8e1d1b10ced5ca923a1fcb8d03e96b8d3268065d724548c0211415ff6ac6bac4"
dependencies = [
"core-foundation-sys",
"libc",
]
[[package]]
name = "tempfile"
chore(deps): bump tempfile from 3.20.0 to 3.22.0 in /codex-rs (#4030) Bumps [tempfile](https://github.com/Stebalien/tempfile) from 3.20.0 to 3.22.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md">tempfile's changelog</a>.</em></p> <blockquote> <h2>3.22.0</h2> <ul> <li>Updated <code>windows-sys</code> requirement to allow version 0.61.x</li> <li>Remove <code>unstable-windows-keep-open-tempfile</code> feature.</li> </ul> <h2>3.21.0</h2> <ul> <li>Updated <code>windows-sys</code> requirement to allow version 0.60.x</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Stebalien/tempfile/commit/f720dbe098f847f3899d83305f565a5c46bb818d"><code>f720dbe</code></a> chore: release 3.22.0</li> <li><a href="https://github.com/Stebalien/tempfile/commit/55d742cb5d37d51c5ee107ae6c3898deeb0cc592"><code>55d742c</code></a> chore: remove deprecated unstable feature flag</li> <li><a href="https://github.com/Stebalien/tempfile/commit/bc41a0b586ec52da28971763378162e96d96be8a"><code>bc41a0b</code></a> build(deps): update windows-sys requirement from &gt;=0.52, &lt;0.61 to &gt;=0.52, &lt;0....</li> <li><a href="https://github.com/Stebalien/tempfile/commit/3c55387edee0d79041092f5abfbe899de4fbc8db"><code>3c55387</code></a> test: make sure we don't drop tempdirs early (<a href="https://redirect.github.com/Stebalien/tempfile/issues/373">#373</a>)</li> <li><a href="https://github.com/Stebalien/tempfile/commit/17bf644406959b75bf83d44fcfbd1dfa63d86730"><code>17bf644</code></a> doc(builder): clarify permissions (<a href="https://redirect.github.com/Stebalien/tempfile/issues/372">#372</a>)</li> <li><a href="https://github.com/Stebalien/tempfile/commit/c7423f1761f569c60c504ffed0ef6e124430b162"><code>c7423f1</code></a> doc(env): document the alternative to setting the tempdir (<a href="https://redirect.github.com/Stebalien/tempfile/issues/371">#371</a>)</li> <li><a href="https://github.com/Stebalien/tempfile/commit/5af60ca9e3ca42c5135cd41df3e8a2bd5341b9fc"><code>5af60ca</code></a> test(wasi): run a few tests that shouldn't have been disabled (<a href="https://redirect.github.com/Stebalien/tempfile/issues/370">#370</a>)</li> <li><a href="https://github.com/Stebalien/tempfile/commit/6c0c56198a274de88b877303fa28e6ad96699fa5"><code>6c0c561</code></a> fix(doc): temp_dir doesn't check if writable</li> <li><a href="https://github.com/Stebalien/tempfile/commit/48bff5f54c71a880ea7a9efb19e48be7b2eeb3d9"><code>48bff5f</code></a> test(tempdir): configure tempdir on wasi</li> <li><a href="https://github.com/Stebalien/tempfile/commit/704a1d27520735e8922c58e84cd193365ceaedaf"><code>704a1d2</code></a> test(tempdir): cleanup tempdir tests and run more tests on wasi</li> <li>Additional commits viewable in <a href="https://github.com/Stebalien/tempfile/compare/v3.20.0...v3.22.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tempfile&package-manager=cargo&previous-version=3.20.0&new-version=3.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-23 23:41:35 -07:00
version = "3.23.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump tempfile from 3.20.0 to 3.22.0 in /codex-rs (#4030) Bumps [tempfile](https://github.com/Stebalien/tempfile) from 3.20.0 to 3.22.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Stebalien/tempfile/blob/master/CHANGELOG.md">tempfile's changelog</a>.</em></p> <blockquote> <h2>3.22.0</h2> <ul> <li>Updated <code>windows-sys</code> requirement to allow version 0.61.x</li> <li>Remove <code>unstable-windows-keep-open-tempfile</code> feature.</li> </ul> <h2>3.21.0</h2> <ul> <li>Updated <code>windows-sys</code> requirement to allow version 0.60.x</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/Stebalien/tempfile/commit/f720dbe098f847f3899d83305f565a5c46bb818d"><code>f720dbe</code></a> chore: release 3.22.0</li> <li><a href="https://github.com/Stebalien/tempfile/commit/55d742cb5d37d51c5ee107ae6c3898deeb0cc592"><code>55d742c</code></a> chore: remove deprecated unstable feature flag</li> <li><a href="https://github.com/Stebalien/tempfile/commit/bc41a0b586ec52da28971763378162e96d96be8a"><code>bc41a0b</code></a> build(deps): update windows-sys requirement from &gt;=0.52, &lt;0.61 to &gt;=0.52, &lt;0....</li> <li><a href="https://github.com/Stebalien/tempfile/commit/3c55387edee0d79041092f5abfbe899de4fbc8db"><code>3c55387</code></a> test: make sure we don't drop tempdirs early (<a href="https://redirect.github.com/Stebalien/tempfile/issues/373">#373</a>)</li> <li><a href="https://github.com/Stebalien/tempfile/commit/17bf644406959b75bf83d44fcfbd1dfa63d86730"><code>17bf644</code></a> doc(builder): clarify permissions (<a href="https://redirect.github.com/Stebalien/tempfile/issues/372">#372</a>)</li> <li><a href="https://github.com/Stebalien/tempfile/commit/c7423f1761f569c60c504ffed0ef6e124430b162"><code>c7423f1</code></a> doc(env): document the alternative to setting the tempdir (<a href="https://redirect.github.com/Stebalien/tempfile/issues/371">#371</a>)</li> <li><a href="https://github.com/Stebalien/tempfile/commit/5af60ca9e3ca42c5135cd41df3e8a2bd5341b9fc"><code>5af60ca</code></a> test(wasi): run a few tests that shouldn't have been disabled (<a href="https://redirect.github.com/Stebalien/tempfile/issues/370">#370</a>)</li> <li><a href="https://github.com/Stebalien/tempfile/commit/6c0c56198a274de88b877303fa28e6ad96699fa5"><code>6c0c561</code></a> fix(doc): temp_dir doesn't check if writable</li> <li><a href="https://github.com/Stebalien/tempfile/commit/48bff5f54c71a880ea7a9efb19e48be7b2eeb3d9"><code>48bff5f</code></a> test(tempdir): configure tempdir on wasi</li> <li><a href="https://github.com/Stebalien/tempfile/commit/704a1d27520735e8922c58e84cd193365ceaedaf"><code>704a1d2</code></a> test(tempdir): cleanup tempdir tests and run more tests on wasi</li> <li>Additional commits viewable in <a href="https://github.com/Stebalien/tempfile/compare/v3.20.0...v3.22.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tempfile&package-manager=cargo&previous-version=3.20.0&new-version=3.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-23 23:41:35 -07:00
checksum = "2d31c77bdf42a745371d260a26ca7163f1e0924b64afa0b688e61b5a9fa02f16"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"fastrand",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"getrandom 0.3.3",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"once_cell",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"rustix 1.0.8",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
"windows-sys 0.61.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "term"
version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c59df8ac95d96ff9bede18eb7300b0fda5e5d8d90960e76f8e14ae765eedbf1f"
dependencies = [
"dirs-next",
"rustversion",
"winapi",
]
chore: add TS annotation to generated mcp-types (#2424) Adds the `TS` annotation from https://crates.io/crates/ts-rs to all types to facilitate codegen. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2424). * __->__ #2424 * #2423
2025-08-18 09:38:47 -07:00
[[package]]
name = "termcolor"
version = "1.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "06794f8f6c5c898b3275aebefa6b8a1cb24cd2c6c79397ab15774837a0bc5755"
dependencies = [
"winapi-util",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "terminal_size"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.4.2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "45c6481c4829e4cc63825e62c49186a34538b7b2750b73b266581ffb612fb5ed"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"rustix 1.0.8",
"windows-sys 0.59.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "termtree"
version = "0.5.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8f50febec83f5ee1df3015341d8bd429f2d1cc62bcba7ea2076759d315084683"
chore(core) Consolidate apply_patch tests (#6545) ## Summary Consolidates our apply_patch tests into one suite, and ensures each test case tests the various ways the harness supports apply_patch: 1. Freeform custom tool call 2. JSON function tool 3. Simple shell call 4. Heredoc shell call There are a few test cases that are specific to a particular variant, I've left those alone. ## Testing - [x] This adds a significant number of tests
2025-11-13 15:52:39 -08:00
[[package]]
name = "test-case"
version = "3.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "eb2550dd13afcd286853192af8601920d959b14c401fcece38071d53bf0768a8"
dependencies = [
"test-case-macros",
]
[[package]]
name = "test-case-core"
version = "3.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "adcb7fd841cd518e279be3d5a3eb0636409487998a4aff22f3de87b81e88384f"
dependencies = [
"cfg-if",
"proc-macro2",
"quote",
"syn 2.0.104",
]
[[package]]
name = "test-case-macros"
version = "3.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5c89e72a01ed4c579669add59014b9a524d609c0c88c6a585ce37485879f6ffb"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.104",
"test-case-core",
]
Support graceful agent interruption (#5287)
2025-10-17 11:52:57 -07:00
[[package]]
name = "test-log"
version = "0.2.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1e33b98a582ea0be1168eba097538ee8dd4bbe0f2b01b22ac92ea30054e5be7b"
dependencies = [
"env_logger",
"test-log-macros",
"tracing-subscriber",
]
[[package]]
name = "test-log-macros"
version = "0.2.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "451b374529930d7601b1eef8d32bc79ae870b6079b069401709c2a8bf9e75f36"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.104",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "textwrap"
version = "0.11.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060"
dependencies = [
"unicode-width 0.1.14",
]
custom textarea (#1794) This replaces tui-textarea with a custom textarea component. Key differences: 1. wrapped lines 2. better unicode handling 3. uses the native terminal cursor This should perhaps be spun out into its own separate crate at some point, but for now it's convenient to have it in-tree.
2025-08-03 11:31:35 -07:00
[[package]]
name = "textwrap"
version = "0.16.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c13547615a44dc9c452a8a534638acdf07120d4b6847c8178705da06306a3057"
dependencies = [
"smawk",
"unicode-linebreak",
Stream model responses (#1810) Stream models thoughts and responses instead of waiting for the whole thing to come through. Very rough right now, but I'm making the risk call to push through.
2025-08-04 21:23:22 -07:00
"unicode-width 0.2.1",
custom textarea (#1794) This replaces tui-textarea with a custom textarea component. Key differences: 1. wrapped lines 2. better unicode handling 3. uses the native terminal cursor This should perhaps be spun out into its own separate crate at some point, but for now it's convenient to have it in-tree.
2025-08-03 11:31:35 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "thiserror"
version = "1.0.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b6aaf5339b578ea85b50e080feb250a3e8ae8cfcdff9a461c9ec2904bc923f52"
dependencies = [
"thiserror-impl 1.0.69",
]
[[package]]
name = "thiserror"
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
version = "2.0.17"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
checksum = "f63587ca0f12b72a0600bcba1d40081f830876000bb46dd2337a3051618f4fc8"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror-impl 2.0.17",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "thiserror-impl"
version = "1.0.69"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4fee6c4efc90059e10f81e6d42c60a18f76588c3d74cb83a0b242a2b6c7504c1"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "thiserror-impl"
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
version = "2.0.17"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
checksum = "3ff15c8ecd7de3849db632e14d18d2571fa09dfc5ed93479bc4485c7a517c913"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "thread_local"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "1.1.9"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "f60246a4944f24f6e018aa17cdeffb7818b76356965d03b07d6a9886e8962185"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"cfg-if",
]
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "tiff"
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
version = "0.10.3"
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
checksum = "af9605de7fee8d9551863fd692cce7637f548dbd9db9180fcc07ccc6d26c336f"
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
dependencies = [
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
"fax",
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
"flate2",
chore(deps): bump image from 0.25.6 to 0.25.8 in /codex-rs (#3297) Bumps [image](https://github.com/image-rs/image) from 0.25.6 to 0.25.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/v0.25.8/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.8</h3> <p>Re-release of <code>0.25.7</code></p> <p>Fixes:</p> <ul> <li>Reverted a signature change to <code>load_from_memory</code> that lead to large scale type inference breakage despite being technically compatible.</li> <li>Color conversion Luma to Rgb used incorrect coefficients instead of broadcasting.</li> </ul> <h3>Version 0.25.7 (yanked)</h3> <p>Features:</p> <ul> <li>Added an API for external image format implementations to register themselves as decoders for a specific format in <code>image</code> (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> <li>Added <a href="https://www.color.org/iccmax/download/CICP_tag_and_type_amendment.pdf">CICP</a> awarenes via <a href="https://crates.io/crates/moxcms">moxcms</a> to support color spaces (<a href="https://redirect.github.com/image-rs/image/issues/2531">#2531</a>). The support for transforming is limited for now and will be gradually expanded.</li> <li>You can now embed Exif metadata when writing JPEG, PNG and WebP images (<a href="https://redirect.github.com/image-rs/image/issues/2537">#2537</a>, <a href="https://redirect.github.com/image-rs/image/issues/2539">#2539</a>)</li> <li>Added functions to extract orientation from Exif metadata and optionally clear it in the Exif chunk (<a href="https://redirect.github.com/image-rs/image/issues/2484">#2484</a>)</li> <li>Serde support for more types (<a href="https://redirect.github.com/image-rs/image/issues/2445">#2445</a>)</li> <li>PNM encoder now supports writing 16-bit images (<a href="https://redirect.github.com/image-rs/image/issues/2431">#2431</a>)</li> </ul> <p>API improvements:</p> <ul> <li><code>save</code>, <code>save_with_format</code>, <code>write_to</code> and <code>write_with_encoder</code> methods on <code>DynamicImage</code> now automatically convert the pixel format when necessary instead of returning an error (<a href="https://redirect.github.com/image-rs/image/issues/2501">#2501</a>)</li> <li>Added <code>DynamicImage::has_alpha()</code> convenience method</li> <li>Implemented <code>TryFrom&lt;ExtendedColorType&gt;</code> for <code>ColorType</code> (<a href="https://redirect.github.com/image-rs/image/issues/2444">#2444</a>)</li> <li>Added <code>const HAS_ALPHA</code> to trait <code>Pixel</code></li> <li>Unified the error for unsupported encoder colors (<a href="https://redirect.github.com/image-rs/image/issues/2543">#2543</a>)</li> <li>Added a <code>hooks</code> module to customize builtin behavior, <code>register_format_detection_hook</code> and <code>register_decoding_hook</code> for the determining format of a file and selecting an <code>ImageDecoder</code> implementation respectively. (<a href="https://redirect.github.com/image-rs/image/issues/2372">#2372</a>)</li> </ul> <p>Performance improvements:</p> <ul> <li>Gaussian blur (<a href="https://redirect.github.com/image-rs/image/issues/2496">#2496</a>) and box blur (<a href="https://redirect.github.com/image-rs/image/issues/2515">#2515</a>) are now faster</li> <li>Improve compilation times by avoiding unnecessary instantiation of generic functions (<a href="https://redirect.github.com/image-rs/image/issues/2468">#2468</a>, <a href="https://redirect.github.com/image-rs/image/issues/2470">#2470</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Many improvements to image format decoding: TIFF, WebP, AVIF, PNG, GIF, BMP, TGA</li> <li>Fixed <code>GifEncoder::encode()</code> ignoring the speed parameter and always using the slowest speed (<a href="https://redirect.github.com/image-rs/image/issues/2504">#2504</a>)</li> <li><code>.pnm</code> is now recognized as a file extension for the PNM format (<a href="https://redirect.github.com/image-rs/image/issues/2559">#2559</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/98b001da0ddcd91936a716696fba877df910b61d"><code>98b001d</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2592">#2592</a> from image-rs/release-0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/f86232081c576d30e965ad236b07f90b93d7eb36"><code>f862320</code></a> Metadata and changelog for a 0.25.8</li> <li><a href="https://github.com/image-rs/image/commit/3b1c1db11d756b67c57b278ffe94033aaaf98a50"><code>3b1c1db</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2593">#2593</a> from image-rs/luma-to-rgb-transform-is-broadcast</li> <li><a href="https://github.com/image-rs/image/commit/1f574d3d1e1a1ad6a49ef3fa4cc7562b0a048979"><code>1f574d3</code></a> Replace manual rounding code with f32::round</li> <li><a href="https://github.com/image-rs/image/commit/545cb3788bf6780d5e8765148a827f41dd17bd9d"><code>545cb37</code></a> Color tests in the middle of dynamic range</li> <li><a href="https://github.com/image-rs/image/commit/9882fa9fe023ff2d5a987603a9024788e06f187a"><code>9882fa9</code></a> Remove coefficients from luma_expand</li> <li><a href="https://github.com/image-rs/image/commit/70b9aa3ef100d8cf7bf2740ed2d3e0597784bd8a"><code>70b9aa3</code></a> Revert &quot;Make load_from_memory generic&quot;</li> <li><a href="https://github.com/image-rs/image/commit/b94c33379fee11e7fe93fd92e66d4d4dd29562bb"><code>b94c333</code></a> Enable CI for backport branch</li> <li><a href="https://github.com/image-rs/image/commit/a24556bc87457086b10d02d685a2ccbe66f261ac"><code>a24556b</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2581">#2581</a> from image-rs/release-0.25.7</li> <li><a href="https://github.com/image-rs/image/commit/9175dbc70e01159e8d0cef5d96728854d377f35d"><code>9175dbc</code></a> Fix readme typo (<a href="https://redirect.github.com/image-rs/image/issues/2580">#2580</a>)</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.6...v0.25.8">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.6&new-version=0.25.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-08 08:25:23 -07:00
"half",
"quick-error",
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
"weezl",
chore(deps): bump image from 0.25.8 to 0.25.9 in /codex-rs (#7421) Bumps [image](https://github.com/image-rs/image) from 0.25.8 to 0.25.9. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/main/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.9</h3> <p>Features:</p> <ul> <li>Support extracting XMP metadata from PNG, JPEG, GIF, WebP and TIFF files (<a href="https://redirect.github.com/image-rs/image/issues/2567">#2567</a>, <a href="https://redirect.github.com/image-rs/image/issues/2634">#2634</a>, <a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a>)</li> <li>Support reading IPTC metadata from PNG and JPG files (<a href="https://redirect.github.com/image-rs/image/issues/2611">#2611</a>)</li> <li>Support reading ICC profile from GIF files (<a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a>)</li> <li>Allow setting a specific DEFLATE compression level when writing PNG (<a href="https://redirect.github.com/image-rs/image/issues/2583">#2583</a>)</li> <li>Initial support for 16-bit CMYK TIFF files (<a href="https://redirect.github.com/image-rs/image/issues/2588">#2588</a>)</li> <li>Allow extracting the alpha channel of a <code>Pixel</code> in a generic way (<a href="https://redirect.github.com/image-rs/image/issues/2638">#2638</a>)</li> </ul> <p>Structural changes:</p> <ul> <li>EXR format decoding now only uses multi-threading via Rayon when the <code>rayon</code> feature is enabled (<a href="https://redirect.github.com/image-rs/image/issues/2643">#2643</a>)</li> <li>Upgraded zune-jpeg to 0.5.x, ravif to 0.12.x, gif to 0.14.x</li> <li>pnm: parse integers in PBM/PGM/PPM headers without allocations (<a href="https://redirect.github.com/image-rs/image/issues/2620">#2620</a>)</li> <li>Replace <code>doc_auto_cfg</code> with <code>doc_cfg</code> (<a href="https://redirect.github.com/image-rs/image/issues/2637">#2637</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Do not encode empty JPEG images (<a href="https://redirect.github.com/image-rs/image/issues/2624">#2624</a>)</li> <li>tga: reject empty images (<a href="https://redirect.github.com/image-rs/image/issues/2614">#2614</a>)</li> <li>tga: fix orientation flip for color mapped images (<a href="https://redirect.github.com/image-rs/image/issues/2607">#2607</a>)</li> <li>tga: adjust colormap lookup to match tga 2.0 spec (<a href="https://redirect.github.com/image-rs/image/issues/2608">#2608</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/5ceb6af6c2b6671931a02fda955ce1676321711d"><code>5ceb6af</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2640">#2640</a> from Shnatsel/release-v0.25.9</li> <li><a href="https://github.com/image-rs/image/commit/282d7b345c9899daabee56204985336d77dc88a7"><code>282d7b3</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2646">#2646</a> from oligamiq/main</li> <li><a href="https://github.com/image-rs/image/commit/5412aeee5a2561b5e5e04f71c58aa122eb91e0c8"><code>5412aee</code></a> Amend the note in accordance with the advice of 197g.</li> <li><a href="https://github.com/image-rs/image/commit/4e8a4ed2e8294b1a78db9713bffcc8b3faa19aed"><code>4e8a4ed</code></a> Clarify default features in README and add usage note</li> <li><a href="https://github.com/image-rs/image/commit/ca8fa528ff00e9320e94ccf94fea1d236f9c1553"><code>ca8fa52</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a> from image-rs/gif-0.14</li> <li><a href="https://github.com/image-rs/image/commit/d9bc8fe7909d50b2cfc624f27094f80b0f2e8740"><code>d9bc8fe</code></a> mention GIF 0.14 changes</li> <li><a href="https://github.com/image-rs/image/commit/053220a0b1a465cec46e4104c5d4b007a676f361"><code>053220a</code></a> Provide gif's XMP and ICC metadata</li> <li><a href="https://github.com/image-rs/image/commit/2ec20b3b3b2ba985da955ff34baab87b0d7df490"><code>2ec20b3</code></a> Prepare codec with gif@0.14</li> <li><a href="https://github.com/image-rs/image/commit/31939facce719c4b56391573c24911704c3f8649"><code>31939fa</code></a> Mention EXR rayon change</li> <li><a href="https://github.com/image-rs/image/commit/c7f68be265bd1b000712255d14ba548f2709ecf8"><code>c7f68be</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2643">#2643</a> from Shnatsel/really-optional-rayon</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.8...v0.25.9">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.8&new-version=0.25.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-30 20:50:51 -08:00
"zune-jpeg 0.4.19",
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "time"
chore: extract readiness in a dedicated utils crate (#4140) Create an `utils` directory for the small utils crates
2025-09-24 11:15:54 +01:00
version = "0.3.44"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore: extract readiness in a dedicated utils crate (#4140) Create an `utils` directory for the small utils crates
2025-09-24 11:15:54 +01:00
checksum = "91e7d9e3bb61134e77bde20dd4825b97c010155709965fedf0f49bb138e52a9d"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"deranged",
"itoa",
fix: tighten up some logic around session timestamps and ids (#922) * update `SessionConfigured` event to include the UUID for the session * show the UUID in the Rust TUI * use local timestamps in log files instead of UTC * include timestamps in log file names for easier discovery
2025-05-13 19:22:16 -07:00
"libc",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"num-conv",
fix: tighten up some logic around session timestamps and ids (#922) * update `SessionConfigured` event to include the UUID for the session * show the UUID in the Rust TUI * use local timestamps in log files instead of UTC * include timestamps in log file names for easier discovery
2025-05-13 19:22:16 -07:00
"num_threads",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"powerfmt",
"serde",
"time-core",
"time-macros",
]
[[package]]
name = "time-core"
chore: extract readiness in a dedicated utils crate (#4140) Create an `utils` directory for the small utils crates
2025-09-24 11:15:54 +01:00
version = "0.1.6"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore: extract readiness in a dedicated utils crate (#4140) Create an `utils` directory for the small utils crates
2025-09-24 11:15:54 +01:00
checksum = "40868e7c1d2f0b8d73e4a8c7f0ff63af4f6d19be117e90bd73eb1d62cf831c6b"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "time-macros"
chore: extract readiness in a dedicated utils crate (#4140) Create an `utils` directory for the small utils crates
2025-09-24 11:15:54 +01:00
version = "0.2.24"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore: extract readiness in a dedicated utils crate (#4140) Create an `utils` directory for the small utils crates
2025-09-24 11:15:54 +01:00
checksum = "30cfb0125f12d9c277f35663a0a33f8c30190f4e4574868a330595412d34ebf3"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"num-conv",
"time-core",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "tiny-keccak"
version = "2.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2c9d3793400a45f954c52e73d068316d76b6f4e36977e3fcebb13a2721e80237"
dependencies = [
"crunchy",
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "tiny_http"
version = "0.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "389915df6413a2e74fb181895f933386023c71110878cd0825588928e64cdc82"
dependencies = [
"ascii",
"chunked_transfer",
"httpdate",
"log",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "tinystr"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.8.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "5d4f6d1145dcb577acf783d4e601bc1d76a13337bb54e6233add580b07344c8b"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"displaydoc",
"zerovec",
]
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
[[package]]
name = "tinyvec"
version = "1.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bfa5fdc3bce6191a1dbc8c02d5c8bffcf557bafa17c124c5264a458f1b0613fa"
dependencies = [
"tinyvec_macros",
]
[[package]]
name = "tinyvec_macros"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "tokio"
chore(deps): bump tokio from 1.46.1 to 1.47.1 in /codex-rs (#1816) Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.46.1 to 1.47.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p> <blockquote> <h2>Tokio v1.47.1</h2> <h1>1.47.1 (August 1st, 2025)</h1> <h3>Fixed</h3> <ul> <li>process: fix panic from spurious pidfd wakeup (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>)</li> <li>sync: fix broken link of Python <code>asyncio.Event</code> in <code>SetOnce</code> docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7485">tokio-rs/tokio#7485</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7494">tokio-rs/tokio#7494</a></p> <h2>Tokio v1.47.0</h2> <h1>1.47.0 (July 25th, 2025)</h1> <p>This release adds <code>poll_proceed</code> and <code>cooperative</code> to the <code>coop</code> module for cooperative scheduling, adds <code>SetOnce</code> to the <code>sync</code> module which provides similar functionality to [<code>std::sync::OnceLock</code>], and adds a new method <code>sync::Notify::notified_owned()</code> which returns an <code>OwnedNotified</code> without a lifetime parameter.</p> <h2>Added</h2> <ul> <li>coop: add <code>cooperative</code> and <code>poll_proceed</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>)</li> <li>sync: add <code>SetOnce</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>)</li> <li>sync: add <code>sync::Notify::notified_owned()</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>)</li> </ul> <h2>Changed</h2> <ul> <li>deps: upgrade windows-sys 0.52 → 0.59 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7117">#7117</a>)</li> <li>deps: update to socket2 v0.6 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7443">#7443</a>)</li> <li>sync: improve <code>AtomicWaker::wake</code> performance (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7450">#7450</a>)</li> </ul> <h2>Documented</h2> <ul> <li>metrics: fix listed feature requirements for some metrics (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7449">#7449</a>)</li> <li>runtime: improve safety comments of <code>Readiness&lt;'_&gt;</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7415">#7415</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7405">tokio-rs/tokio#7405</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7415">#7415</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7415">tokio-rs/tokio#7415</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7418">tokio-rs/tokio#7418</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7449">#7449</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7449">tokio-rs/tokio#7449</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7450">#7450</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7450">tokio-rs/tokio#7450</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7465">tokio-rs/tokio#7465</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tokio/commit/be8ee45b3fc2d107174e586141b1cb12c93e2ddf"><code>be8ee45</code></a> chore: prepare Tokio v1.47.1 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7504">#7504</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d9b19166cde30b8d4a65f31a94b5ee09d2dd7b8c"><code>d9b1916</code></a> Merge 'tokio-1.43.2' into 'tokio-1.47.x' (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7503">#7503</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/db8edc620fb369f6cc92dd9dcfdd03b832c2b02f"><code>db8edc6</code></a> chore: prepare Tokio v1.43.2 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7502">#7502</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/4730984d66e708b36efe84245cbf15bd483a886f"><code>4730984</code></a> readme: add 1.47 as LTS release (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7497">#7497</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/1979615cbf1cc4b4d296814957394703827362d0"><code>1979615</code></a> process: fix panic from spurious pidfd wakeup (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/f669a609cf1eaa94d2bc135212f57ff913eca898"><code>f669a60</code></a> ci: add lockfile for LTS branch</li> <li><a href="https://github.com/tokio-rs/tokio/commit/ce41896f8dcbc6249df3279600f45f7a65915cf6"><code>ce41896</code></a> sync: fix broken link of Python <code>asyncio.Event</code> in <code>SetOnce</code> docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/c8ab78a84fff284958dc84b77b5222fecd0f44b2"><code>c8ab78a</code></a> changelog: fix incorrect PR number for 1.47.0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7484">#7484</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/3911cb8523f190142f61c64b66881c07c0d3e7be"><code>3911cb8</code></a> chore: prepare Tokio v1.47.0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7482">#7482</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d545aa2601e3008ce49c8c0191b0f172ce577452"><code>d545aa2</code></a> sync: add <code>sync::Notify::notified_owned()</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tokio/compare/tokio-1.46.1...tokio-1.47.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tokio&package-manager=cargo&previous-version=1.46.1&new-version=1.47.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-04 14:50:53 -07:00
version = "1.47.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump tokio from 1.46.1 to 1.47.1 in /codex-rs (#1816) Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.46.1 to 1.47.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p> <blockquote> <h2>Tokio v1.47.1</h2> <h1>1.47.1 (August 1st, 2025)</h1> <h3>Fixed</h3> <ul> <li>process: fix panic from spurious pidfd wakeup (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>)</li> <li>sync: fix broken link of Python <code>asyncio.Event</code> in <code>SetOnce</code> docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7485">tokio-rs/tokio#7485</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7494">tokio-rs/tokio#7494</a></p> <h2>Tokio v1.47.0</h2> <h1>1.47.0 (July 25th, 2025)</h1> <p>This release adds <code>poll_proceed</code> and <code>cooperative</code> to the <code>coop</code> module for cooperative scheduling, adds <code>SetOnce</code> to the <code>sync</code> module which provides similar functionality to [<code>std::sync::OnceLock</code>], and adds a new method <code>sync::Notify::notified_owned()</code> which returns an <code>OwnedNotified</code> without a lifetime parameter.</p> <h2>Added</h2> <ul> <li>coop: add <code>cooperative</code> and <code>poll_proceed</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>)</li> <li>sync: add <code>SetOnce</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>)</li> <li>sync: add <code>sync::Notify::notified_owned()</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>)</li> </ul> <h2>Changed</h2> <ul> <li>deps: upgrade windows-sys 0.52 → 0.59 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7117">#7117</a>)</li> <li>deps: update to socket2 v0.6 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7443">#7443</a>)</li> <li>sync: improve <code>AtomicWaker::wake</code> performance (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7450">#7450</a>)</li> </ul> <h2>Documented</h2> <ul> <li>metrics: fix listed feature requirements for some metrics (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7449">#7449</a>)</li> <li>runtime: improve safety comments of <code>Readiness&lt;'_&gt;</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7415">#7415</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7405">tokio-rs/tokio#7405</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7415">#7415</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7415">tokio-rs/tokio#7415</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7418">tokio-rs/tokio#7418</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7449">#7449</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7449">tokio-rs/tokio#7449</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7450">#7450</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7450">tokio-rs/tokio#7450</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7465">tokio-rs/tokio#7465</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tokio/commit/be8ee45b3fc2d107174e586141b1cb12c93e2ddf"><code>be8ee45</code></a> chore: prepare Tokio v1.47.1 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7504">#7504</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d9b19166cde30b8d4a65f31a94b5ee09d2dd7b8c"><code>d9b1916</code></a> Merge 'tokio-1.43.2' into 'tokio-1.47.x' (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7503">#7503</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/db8edc620fb369f6cc92dd9dcfdd03b832c2b02f"><code>db8edc6</code></a> chore: prepare Tokio v1.43.2 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7502">#7502</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/4730984d66e708b36efe84245cbf15bd483a886f"><code>4730984</code></a> readme: add 1.47 as LTS release (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7497">#7497</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/1979615cbf1cc4b4d296814957394703827362d0"><code>1979615</code></a> process: fix panic from spurious pidfd wakeup (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/f669a609cf1eaa94d2bc135212f57ff913eca898"><code>f669a60</code></a> ci: add lockfile for LTS branch</li> <li><a href="https://github.com/tokio-rs/tokio/commit/ce41896f8dcbc6249df3279600f45f7a65915cf6"><code>ce41896</code></a> sync: fix broken link of Python <code>asyncio.Event</code> in <code>SetOnce</code> docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/c8ab78a84fff284958dc84b77b5222fecd0f44b2"><code>c8ab78a</code></a> changelog: fix incorrect PR number for 1.47.0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7484">#7484</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/3911cb8523f190142f61c64b66881c07c0d3e7be"><code>3911cb8</code></a> chore: prepare Tokio v1.47.0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7482">#7482</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d545aa2601e3008ce49c8c0191b0f172ce577452"><code>d545aa2</code></a> sync: add <code>sync::Notify::notified_owned()</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tokio/compare/tokio-1.46.1...tokio-1.47.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tokio&package-manager=cargo&previous-version=1.46.1&new-version=1.47.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-04 14:50:53 -07:00
checksum = "89e49afdadebb872d3145a5638b59eb0691ea23e46ca484037cfab3b76b95038"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"backtrace",
"bytes",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"io-uring",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"libc",
"mio",
feat: standalone file search CLI (#1386) Standalone fuzzy filename search library that should be helpful in addressing https://github.com/openai/codex/issues/1261.
2025-06-25 13:29:03 -07:00
"parking_lot",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"pin-project-lite",
"signal-hook-registry",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"slab",
chore(deps): bump socket2 from 0.6.0 to 0.6.1 in /codex-rs (#8046) Bumps [socket2](https://github.com/rust-lang/socket2) from 0.6.0 to 0.6.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-lang/socket2/blob/master/CHANGELOG.md">socket2's changelog</a>.</em></p> <blockquote> <h1>0.6.1</h1> <h2>Added</h2> <ul> <li>Added support for Windows Registered I/O (RIO) (<a href="https://redirect.github.com/rust-lang/socket2/pull/604">rust-lang/socket2#604</a>).</li> <li>Added support for <code>TCP_NOTSENT_LOWAT</code> on Linux via <code>Socket::(set_)tcp_notsent_lowat</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/611">rust-lang/socket2#611</a>).</li> <li>Added support for <code>SO_BUSY_POLL</code> on Linux via <code>Socket::set_busy_poll</code> (<a href="https://redirect.github.com/rust-lang/socket2/pull/607">rust-lang/socket2#607</a>).</li> <li><code>SockFilter::new</code> is now a const function (<a href="https://redirect.github.com/rust-lang/socket2/pull/609">rust-lang/socket2#609</a>).</li> </ul> <h2>Changed</h2> <ul> <li>Updated the windows-sys dependency to version 0.60 (<a href="https://redirect.github.com/rust-lang/socket2/pull/605">rust-lang/socket2#605</a>).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-lang/socket2/commit/d0ba3d39a6328115a49f470b11be25fd5eba686d"><code>d0ba3d3</code></a> Release v0.6.1</li> <li><a href="https://github.com/rust-lang/socket2/commit/3a8b7edda3d81b849b5f961481154510e718dde7"><code>3a8b7ed</code></a> Add example to create <code>SockAddr</code> from <code>libc::sockaddr_storage</code> (<a href="https://redirect.github.com/rust-lang/socket2/issues/615">#615</a>)</li> <li><a href="https://github.com/rust-lang/socket2/commit/b54e2e6dbf44baee462afb48285d6595e5800381"><code>b54e2e6</code></a> Disable armv7-sony-vita-newlibeabihf CI check</li> <li><a href="https://github.com/rust-lang/socket2/commit/2d4a2f7b3b791118074f5b5ac6f3f92a890ad7b0"><code>2d4a2f7</code></a> Update feature <code>doc_auto_cfg</code> to <code>doc_cfg</code></li> <li><a href="https://github.com/rust-lang/socket2/commit/11aa1029f2ffbc4915d788a85fa739da77599198"><code>11aa102</code></a> Add missing components when installing Rust in CI</li> <li><a href="https://github.com/rust-lang/socket2/commit/528ba2b0dacac88567c2af2e0bf6fd64fe6c4d5c"><code>528ba2b</code></a> Add TCP_NOTSENT_LOWAT socketopt support</li> <li><a href="https://github.com/rust-lang/socket2/commit/1fdd2938c1f3ed81f1a5e0c4ed655146252a3532"><code>1fdd293</code></a> Correct rename in CHANGELOG.md (<a href="https://redirect.github.com/rust-lang/socket2/issues/610">#610</a>)</li> <li><a href="https://github.com/rust-lang/socket2/commit/600ff0d2468bd817179c5eab17dd5a69dddb9250"><code>600ff0d</code></a> Add support for Windows Registered I/O</li> <li><a href="https://github.com/rust-lang/socket2/commit/f0836965a165f357ea3be6f5cc47544130d1bfde"><code>f083696</code></a> Allow <code>SockFilter::new</code> in const contexts</li> <li><a href="https://github.com/rust-lang/socket2/commit/15ade5100c865629518190f4234247c8b6e5b1fd"><code>15ade51</code></a> Refactor for cargo fmt</li> <li>Additional commits viewable in <a href="https://github.com/rust-lang/socket2/compare/v0.6.0...v0.6.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=socket2&package-manager=cargo&previous-version=0.6.0&new-version=0.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:15:58 -08:00
"socket2 0.6.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tokio-macros",
chore(deps): bump tokio from 1.46.1 to 1.47.1 in /codex-rs (#1816) Bumps [tokio](https://github.com/tokio-rs/tokio) from 1.46.1 to 1.47.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tokio/releases">tokio's releases</a>.</em></p> <blockquote> <h2>Tokio v1.47.1</h2> <h1>1.47.1 (August 1st, 2025)</h1> <h3>Fixed</h3> <ul> <li>process: fix panic from spurious pidfd wakeup (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>)</li> <li>sync: fix broken link of Python <code>asyncio.Event</code> in <code>SetOnce</code> docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7485">tokio-rs/tokio#7485</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7494">tokio-rs/tokio#7494</a></p> <h2>Tokio v1.47.0</h2> <h1>1.47.0 (July 25th, 2025)</h1> <p>This release adds <code>poll_proceed</code> and <code>cooperative</code> to the <code>coop</code> module for cooperative scheduling, adds <code>SetOnce</code> to the <code>sync</code> module which provides similar functionality to [<code>std::sync::OnceLock</code>], and adds a new method <code>sync::Notify::notified_owned()</code> which returns an <code>OwnedNotified</code> without a lifetime parameter.</p> <h2>Added</h2> <ul> <li>coop: add <code>cooperative</code> and <code>poll_proceed</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>)</li> <li>sync: add <code>SetOnce</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>)</li> <li>sync: add <code>sync::Notify::notified_owned()</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>)</li> </ul> <h2>Changed</h2> <ul> <li>deps: upgrade windows-sys 0.52 → 0.59 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7117">#7117</a>)</li> <li>deps: update to socket2 v0.6 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7443">#7443</a>)</li> <li>sync: improve <code>AtomicWaker::wake</code> performance (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7450">#7450</a>)</li> </ul> <h2>Documented</h2> <ul> <li>metrics: fix listed feature requirements for some metrics (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7449">#7449</a>)</li> <li>runtime: improve safety comments of <code>Readiness&lt;'_&gt;</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7415">#7415</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tokio/issues/7405">#7405</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7405">tokio-rs/tokio#7405</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7415">#7415</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7415">tokio-rs/tokio#7415</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7418">#7418</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7418">tokio-rs/tokio#7418</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7449">#7449</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7449">tokio-rs/tokio#7449</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7450">#7450</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7450">tokio-rs/tokio#7450</a> <a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>: <a href="https://redirect.github.com/tokio-rs/tokio/pull/7465">tokio-rs/tokio#7465</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tokio/commit/be8ee45b3fc2d107174e586141b1cb12c93e2ddf"><code>be8ee45</code></a> chore: prepare Tokio v1.47.1 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7504">#7504</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d9b19166cde30b8d4a65f31a94b5ee09d2dd7b8c"><code>d9b1916</code></a> Merge 'tokio-1.43.2' into 'tokio-1.47.x' (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7503">#7503</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/db8edc620fb369f6cc92dd9dcfdd03b832c2b02f"><code>db8edc6</code></a> chore: prepare Tokio v1.43.2 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7502">#7502</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/4730984d66e708b36efe84245cbf15bd483a886f"><code>4730984</code></a> readme: add 1.47 as LTS release (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7497">#7497</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/1979615cbf1cc4b4d296814957394703827362d0"><code>1979615</code></a> process: fix panic from spurious pidfd wakeup (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7494">#7494</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/f669a609cf1eaa94d2bc135212f57ff913eca898"><code>f669a60</code></a> ci: add lockfile for LTS branch</li> <li><a href="https://github.com/tokio-rs/tokio/commit/ce41896f8dcbc6249df3279600f45f7a65915cf6"><code>ce41896</code></a> sync: fix broken link of Python <code>asyncio.Event</code> in <code>SetOnce</code> docs (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7485">#7485</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/c8ab78a84fff284958dc84b77b5222fecd0f44b2"><code>c8ab78a</code></a> changelog: fix incorrect PR number for 1.47.0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7484">#7484</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/3911cb8523f190142f61c64b66881c07c0d3e7be"><code>3911cb8</code></a> chore: prepare Tokio v1.47.0 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7482">#7482</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d545aa2601e3008ce49c8c0191b0f172ce577452"><code>d545aa2</code></a> sync: add <code>sync::Notify::notified_owned()</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7465">#7465</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tokio/compare/tokio-1.46.1...tokio-1.47.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tokio&package-manager=cargo&previous-version=1.46.1&new-version=1.47.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-04 14:50:53 -07:00
"windows-sys 0.59.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "tokio-macros"
version = "2.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6e06d43f1345a3bcd39f6a56dbb7dcab2ba47e68e8ac134855e7e2bdbaf8cab8"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "tokio-native-tls"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bbae76ab933c85776efabc971569dd6119c580d8f5d448769dec1764bf796ef2"
dependencies = [
"native-tls",
"tokio",
]
[[package]]
name = "tokio-rustls"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.26.2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "8e727b36a1a0e8b74c376ac2211e40c2c8af09fb4013c60d910495810f008e9b"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"rustls",
"tokio",
]
Add SSE Response parser tests (#1541) ## Summary - add `tokio-test` dev dependency - implement response stream parsing unit tests ## Testing - `cargo clippy -p codex-core --tests -- -D warnings` - `cargo test -p codex-core -- --nocapture` ------ https://chatgpt.com/codex/tasks/task_i_687163f3b2208321a6ce2adbef3fbc06
2025-07-14 14:51:32 -07:00
[[package]]
name = "tokio-stream"
version = "0.1.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "eca58d7bba4a75707817a2c44174253f9236b2d5fbd055602e9d5c07c139a047"
dependencies = [
"futures-core",
"pin-project-lite",
"tokio",
refactor TUI event loop to enable dropping + recreating crossterm event stream (#7961) Introduces an `EventBroker` between the crossterm `EventStream` source and the consumers in the TUI. This enables dropping + recreating the `crossterm_events` without invalidating the consumer. Dropping and recreating the crossterm event stream enables us to fully relinquish `stdin` while the app keeps running. If the stream is not dropped, it will continue to read from `stdin` even when it is not actively being polled, potentially stealing input from other processes. See [here](https://www.reddit.com/r/rust/comments/1f3o33u/myterious_crossterm_input_after_running_vim/?utm_source=chatgpt.com) and [here](https://ratatui.rs/recipes/apps/spawn-vim/) for details. ### Tests Added tests for new `EventBroker` setup, existing tests pass, tested locally.
2025-12-16 01:14:03 -08:00
"tokio-util",
Add SSE Response parser tests (#1541) ## Summary - add `tokio-test` dev dependency - implement response stream parsing unit tests ## Testing - `cargo clippy -p codex-core --tests -- -D warnings` - `cargo test -p codex-core -- --nocapture` ------ https://chatgpt.com/codex/tasks/task_i_687163f3b2208321a6ce2adbef3fbc06
2025-07-14 14:51:32 -07:00
]
[[package]]
name = "tokio-test"
version = "0.4.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2468baabc3311435b55dd935f702f42cd1b8abb7e754fb7dfb16bd36aa88f9f7"
dependencies = [
"async-stream",
"bytes",
"futures-core",
"tokio",
"tokio-stream",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "tokio-util"
chore(deps): bump tokio-util from 0.7.15 to 0.7.16 in /codex-rs (#2155) Bumps [tokio-util](https://github.com/tokio-rs/tokio) from 0.7.15 to 0.7.16. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tokio/commit/cf6b50a3fd44684d63fd758aae1ee2955f16c798"><code>cf6b50a</code></a> chore: prepare tokio-util v0.7.16 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7507">#7507</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/416e36b0dff3214a9fd9dee26f9e554d7d162b46"><code>416e36b</code></a> task: stabilise <code>JoinMap</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7075">#7075</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/9741c90f9f8b14a7d78d7629a29a281602d5f2b9"><code>9741c90</code></a> sync: document cancel safety on <code>SetOnce::wait</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7506">#7506</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/4e3f17bce3addf0bbf626e4847bab73e28328181"><code>4e3f17b</code></a> codec: also apply capacity to read buffer in <code>Framed::with_capacity</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7500">#7500</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/86cbf81e151772fad0f2fc8afa0fa7094d00b81d"><code>86cbf81</code></a> Merge 'tokio-1.47.1' into 'master'</li> <li><a href="https://github.com/tokio-rs/tokio/commit/be8ee45b3fc2d107174e586141b1cb12c93e2ddf"><code>be8ee45</code></a> chore: prepare Tokio v1.47.1 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7504">#7504</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d9b19166cde30b8d4a65f31a94b5ee09d2dd7b8c"><code>d9b1916</code></a> Merge 'tokio-1.43.2' into 'tokio-1.47.x' (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7503">#7503</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/db8edc620fb369f6cc92dd9dcfdd03b832c2b02f"><code>db8edc6</code></a> chore: prepare Tokio v1.43.2 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7502">#7502</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/e47565b086436a9024812d5cc0ba5672ab515e47"><code>e47565b</code></a> blocking: clarify that spawn_blocking is aborted if not yet started (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7501">#7501</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/4730984d66e708b36efe84245cbf15bd483a886f"><code>4730984</code></a> readme: add 1.47 as LTS release (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7497">#7497</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tokio/compare/tokio-util-0.7.15...tokio-util-0.7.16">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tokio-util&package-manager=cargo&previous-version=0.7.15&new-version=0.7.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-11 09:08:21 -07:00
version = "0.7.16"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump tokio-util from 0.7.15 to 0.7.16 in /codex-rs (#2155) Bumps [tokio-util](https://github.com/tokio-rs/tokio) from 0.7.15 to 0.7.16. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tokio/commit/cf6b50a3fd44684d63fd758aae1ee2955f16c798"><code>cf6b50a</code></a> chore: prepare tokio-util v0.7.16 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7507">#7507</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/416e36b0dff3214a9fd9dee26f9e554d7d162b46"><code>416e36b</code></a> task: stabilise <code>JoinMap</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7075">#7075</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/9741c90f9f8b14a7d78d7629a29a281602d5f2b9"><code>9741c90</code></a> sync: document cancel safety on <code>SetOnce::wait</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7506">#7506</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/4e3f17bce3addf0bbf626e4847bab73e28328181"><code>4e3f17b</code></a> codec: also apply capacity to read buffer in <code>Framed::with_capacity</code> (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7500">#7500</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/86cbf81e151772fad0f2fc8afa0fa7094d00b81d"><code>86cbf81</code></a> Merge 'tokio-1.47.1' into 'master'</li> <li><a href="https://github.com/tokio-rs/tokio/commit/be8ee45b3fc2d107174e586141b1cb12c93e2ddf"><code>be8ee45</code></a> chore: prepare Tokio v1.47.1 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7504">#7504</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/d9b19166cde30b8d4a65f31a94b5ee09d2dd7b8c"><code>d9b1916</code></a> Merge 'tokio-1.43.2' into 'tokio-1.47.x' (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7503">#7503</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/db8edc620fb369f6cc92dd9dcfdd03b832c2b02f"><code>db8edc6</code></a> chore: prepare Tokio v1.43.2 (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7502">#7502</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/e47565b086436a9024812d5cc0ba5672ab515e47"><code>e47565b</code></a> blocking: clarify that spawn_blocking is aborted if not yet started (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7501">#7501</a>)</li> <li><a href="https://github.com/tokio-rs/tokio/commit/4730984d66e708b36efe84245cbf15bd483a886f"><code>4730984</code></a> readme: add 1.47 as LTS release (<a href="https://redirect.github.com/tokio-rs/tokio/issues/7497">#7497</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tokio/compare/tokio-util-0.7.15...tokio-util-0.7.16">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tokio-util&package-manager=cargo&previous-version=0.7.15&new-version=0.7.16)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-11 09:08:21 -07:00
checksum = "14307c986784f72ef81c89db7d9e28d6ac26d16213b109ea501696195e6e3ce5"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"bytes",
"futures-core",
"futures-sink",
Simplify parallel (#4829) make tool processing return a future and then collect futures. handle cleanup on Drop
2025-10-07 10:12:38 -07:00
"futures-util",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"pin-project-lite",
refactor: tui.rs extract several pieces (#7461) Pull FrameRequester out of tui.rs into its own module and make a FrameScheduler struct. This is effectively an Actor/Handler approach (see https://ryhl.io/blog/actors-with-tokio/). Adds tests and docs. Small refactor of pending_viewport_area logic.
2025-12-02 15:19:27 -08:00
"slab",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tokio",
]
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
[[package]]
name = "toml"
version = "0.5.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f4f7f0dd8d50a853a531c426359045b1998f04219d88799810762cd4ad314234"
dependencies = [
"serde",
]
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
[[package]]
name = "toml"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.9.5"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "75129e1dc5000bfbaa9fee9d1b21f974f9fbad9daec557a521ee6e080825f6e8"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
dependencies = [
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
"indexmap 2.12.0",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"serde",
feat: Run cargo shear during CI (#3338) Run cargo shear as part of the CI to ensure no unused dependencies
2025-09-08 18:05:08 -07:00
"serde_spanned",
replace tui_markdown with a custom markdown renderer (#3396) Also, simplify the streaming behavior. This fixes a number of display issues with streaming markdown, and paves the way for better markdown features (e.g. customizable styles, syntax highlighting, markdown-aware wrapping). Not currently supported: - footnotes - tables - reference-style links
2025-09-10 12:13:53 -07:00
"toml_datetime",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"toml_parser",
"toml_writer",
"winnow",
]
[[package]]
name = "toml_datetime"
chore(deps): bump toml_edit from 0.23.4 to 0.23.5 in /codex-rs (#7223) Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.23.4 to 0.23.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/toml-rs/toml/commit/4695fb02fc3902345ffbfb54fd5df6adcc3bbd4d"><code>4695fb0</code></a> chore: Release</li> <li><a href="https://github.com/toml-rs/toml/commit/6a77ed71cf68369e823f7827b34eaa2a06d0126d"><code>6a77ed7</code></a> docs: Update changelog</li> <li><a href="https://github.com/toml-rs/toml/commit/c1e81979644a7a80141ab2d0ca284a4560eb4079"><code>c1e8197</code></a> refactor: Switch serde dependency to serde_core (<a href="https://redirect.github.com/toml-rs/toml/issues/1036">#1036</a>)</li> <li><a href="https://github.com/toml-rs/toml/commit/d85d6cd61cf122ee44db8834bc2a55e881bb0750"><code>d85d6cd</code></a> refactor: Switch serde dependency to serde_core</li> <li>See full diff in <a href="https://github.com/toml-rs/toml/compare/v0.23.4...v0.23.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=toml_edit&package-manager=cargo&previous-version=0.23.4&new-version=0.23.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:44:14 -08:00
version = "0.7.3"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump toml_edit from 0.23.4 to 0.23.5 in /codex-rs (#7223) Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.23.4 to 0.23.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/toml-rs/toml/commit/4695fb02fc3902345ffbfb54fd5df6adcc3bbd4d"><code>4695fb0</code></a> chore: Release</li> <li><a href="https://github.com/toml-rs/toml/commit/6a77ed71cf68369e823f7827b34eaa2a06d0126d"><code>6a77ed7</code></a> docs: Update changelog</li> <li><a href="https://github.com/toml-rs/toml/commit/c1e81979644a7a80141ab2d0ca284a4560eb4079"><code>c1e8197</code></a> refactor: Switch serde dependency to serde_core (<a href="https://redirect.github.com/toml-rs/toml/issues/1036">#1036</a>)</li> <li><a href="https://github.com/toml-rs/toml/commit/d85d6cd61cf122ee44db8834bc2a55e881bb0750"><code>d85d6cd</code></a> refactor: Switch serde dependency to serde_core</li> <li>See full diff in <a href="https://github.com/toml-rs/toml/compare/v0.23.4...v0.23.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=toml_edit&package-manager=cargo&previous-version=0.23.4&new-version=0.23.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:44:14 -08:00
checksum = "f2cdb639ebbc97961c51720f858597f7f24c4fc295327923af55b74c3c724533"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
chore(deps): bump toml_edit from 0.23.4 to 0.23.5 in /codex-rs (#7223) Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.23.4 to 0.23.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/toml-rs/toml/commit/4695fb02fc3902345ffbfb54fd5df6adcc3bbd4d"><code>4695fb0</code></a> chore: Release</li> <li><a href="https://github.com/toml-rs/toml/commit/6a77ed71cf68369e823f7827b34eaa2a06d0126d"><code>6a77ed7</code></a> docs: Update changelog</li> <li><a href="https://github.com/toml-rs/toml/commit/c1e81979644a7a80141ab2d0ca284a4560eb4079"><code>c1e8197</code></a> refactor: Switch serde dependency to serde_core (<a href="https://redirect.github.com/toml-rs/toml/issues/1036">#1036</a>)</li> <li><a href="https://github.com/toml-rs/toml/commit/d85d6cd61cf122ee44db8834bc2a55e881bb0750"><code>d85d6cd</code></a> refactor: Switch serde dependency to serde_core</li> <li>See full diff in <a href="https://github.com/toml-rs/toml/compare/v0.23.4...v0.23.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=toml_edit&package-manager=cargo&previous-version=0.23.4&new-version=0.23.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:44:14 -08:00
"serde_core",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[config] Onboarding flow with persistence (#1929) ## Summary In collaboration with @gpeal: upgrade the onboarding flow, and persist user settings. --------- Co-authored-by: Gabriel Peal <gabriel@openai.com>
2025-08-07 09:27:38 -07:00
[[package]]
name = "toml_edit"
chore(deps): bump toml_edit from 0.23.4 to 0.23.5 in /codex-rs (#7223) Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.23.4 to 0.23.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/toml-rs/toml/commit/4695fb02fc3902345ffbfb54fd5df6adcc3bbd4d"><code>4695fb0</code></a> chore: Release</li> <li><a href="https://github.com/toml-rs/toml/commit/6a77ed71cf68369e823f7827b34eaa2a06d0126d"><code>6a77ed7</code></a> docs: Update changelog</li> <li><a href="https://github.com/toml-rs/toml/commit/c1e81979644a7a80141ab2d0ca284a4560eb4079"><code>c1e8197</code></a> refactor: Switch serde dependency to serde_core (<a href="https://redirect.github.com/toml-rs/toml/issues/1036">#1036</a>)</li> <li><a href="https://github.com/toml-rs/toml/commit/d85d6cd61cf122ee44db8834bc2a55e881bb0750"><code>d85d6cd</code></a> refactor: Switch serde dependency to serde_core</li> <li>See full diff in <a href="https://github.com/toml-rs/toml/compare/v0.23.4...v0.23.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=toml_edit&package-manager=cargo&previous-version=0.23.4&new-version=0.23.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:44:14 -08:00
version = "0.23.7"
[config] Onboarding flow with persistence (#1929) ## Summary In collaboration with @gpeal: upgrade the onboarding flow, and persist user settings. --------- Co-authored-by: Gabriel Peal <gabriel@openai.com>
2025-08-07 09:27:38 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump toml_edit from 0.23.4 to 0.23.5 in /codex-rs (#7223) Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.23.4 to 0.23.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/toml-rs/toml/commit/4695fb02fc3902345ffbfb54fd5df6adcc3bbd4d"><code>4695fb0</code></a> chore: Release</li> <li><a href="https://github.com/toml-rs/toml/commit/6a77ed71cf68369e823f7827b34eaa2a06d0126d"><code>6a77ed7</code></a> docs: Update changelog</li> <li><a href="https://github.com/toml-rs/toml/commit/c1e81979644a7a80141ab2d0ca284a4560eb4079"><code>c1e8197</code></a> refactor: Switch serde dependency to serde_core (<a href="https://redirect.github.com/toml-rs/toml/issues/1036">#1036</a>)</li> <li><a href="https://github.com/toml-rs/toml/commit/d85d6cd61cf122ee44db8834bc2a55e881bb0750"><code>d85d6cd</code></a> refactor: Switch serde dependency to serde_core</li> <li>See full diff in <a href="https://github.com/toml-rs/toml/compare/v0.23.4...v0.23.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=toml_edit&package-manager=cargo&previous-version=0.23.4&new-version=0.23.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:44:14 -08:00
checksum = "6485ef6d0d9b5d0ec17244ff7eb05310113c3f316f2d14200d4de56b3cb98f8d"
[config] Onboarding flow with persistence (#1929) ## Summary In collaboration with @gpeal: upgrade the onboarding flow, and persist user settings. --------- Co-authored-by: Gabriel Peal <gabriel@openai.com>
2025-08-07 09:27:38 -07:00
dependencies = [
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
"indexmap 2.12.0",
replace tui_markdown with a custom markdown renderer (#3396) Also, simplify the streaming behavior. This fixes a number of display issues with streaming markdown, and paves the way for better markdown features (e.g. customizable styles, syntax highlighting, markdown-aware wrapping). Not currently supported: - footnotes - tables - reference-style links
2025-09-10 12:13:53 -07:00
"toml_datetime",
[config] Onboarding flow with persistence (#1929) ## Summary In collaboration with @gpeal: upgrade the onboarding flow, and persist user settings. --------- Co-authored-by: Gabriel Peal <gabriel@openai.com>
2025-08-07 09:27:38 -07:00
"toml_parser",
"toml_writer",
"winnow",
]
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
[[package]]
name = "toml_parser"
chore(deps): bump toml_edit from 0.23.4 to 0.23.5 in /codex-rs (#7223) Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.23.4 to 0.23.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/toml-rs/toml/commit/4695fb02fc3902345ffbfb54fd5df6adcc3bbd4d"><code>4695fb0</code></a> chore: Release</li> <li><a href="https://github.com/toml-rs/toml/commit/6a77ed71cf68369e823f7827b34eaa2a06d0126d"><code>6a77ed7</code></a> docs: Update changelog</li> <li><a href="https://github.com/toml-rs/toml/commit/c1e81979644a7a80141ab2d0ca284a4560eb4079"><code>c1e8197</code></a> refactor: Switch serde dependency to serde_core (<a href="https://redirect.github.com/toml-rs/toml/issues/1036">#1036</a>)</li> <li><a href="https://github.com/toml-rs/toml/commit/d85d6cd61cf122ee44db8834bc2a55e881bb0750"><code>d85d6cd</code></a> refactor: Switch serde dependency to serde_core</li> <li>See full diff in <a href="https://github.com/toml-rs/toml/compare/v0.23.4...v0.23.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=toml_edit&package-manager=cargo&previous-version=0.23.4&new-version=0.23.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:44:14 -08:00
version = "1.0.4"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump toml_edit from 0.23.4 to 0.23.5 in /codex-rs (#7223) Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.23.4 to 0.23.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/toml-rs/toml/commit/4695fb02fc3902345ffbfb54fd5df6adcc3bbd4d"><code>4695fb0</code></a> chore: Release</li> <li><a href="https://github.com/toml-rs/toml/commit/6a77ed71cf68369e823f7827b34eaa2a06d0126d"><code>6a77ed7</code></a> docs: Update changelog</li> <li><a href="https://github.com/toml-rs/toml/commit/c1e81979644a7a80141ab2d0ca284a4560eb4079"><code>c1e8197</code></a> refactor: Switch serde dependency to serde_core (<a href="https://redirect.github.com/toml-rs/toml/issues/1036">#1036</a>)</li> <li><a href="https://github.com/toml-rs/toml/commit/d85d6cd61cf122ee44db8834bc2a55e881bb0750"><code>d85d6cd</code></a> refactor: Switch serde dependency to serde_core</li> <li>See full diff in <a href="https://github.com/toml-rs/toml/compare/v0.23.4...v0.23.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=toml_edit&package-manager=cargo&previous-version=0.23.4&new-version=0.23.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:44:14 -08:00
checksum = "c0cbe268d35bdb4bb5a56a2de88d0ad0eb70af5384a99d648cd4b3d04039800e"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
dependencies = [
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"winnow",
]
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
[[package]]
name = "toml_writer"
chore(deps): bump toml_edit from 0.23.4 to 0.23.5 in /codex-rs (#7223) Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.23.4 to 0.23.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/toml-rs/toml/commit/4695fb02fc3902345ffbfb54fd5df6adcc3bbd4d"><code>4695fb0</code></a> chore: Release</li> <li><a href="https://github.com/toml-rs/toml/commit/6a77ed71cf68369e823f7827b34eaa2a06d0126d"><code>6a77ed7</code></a> docs: Update changelog</li> <li><a href="https://github.com/toml-rs/toml/commit/c1e81979644a7a80141ab2d0ca284a4560eb4079"><code>c1e8197</code></a> refactor: Switch serde dependency to serde_core (<a href="https://redirect.github.com/toml-rs/toml/issues/1036">#1036</a>)</li> <li><a href="https://github.com/toml-rs/toml/commit/d85d6cd61cf122ee44db8834bc2a55e881bb0750"><code>d85d6cd</code></a> refactor: Switch serde dependency to serde_core</li> <li>See full diff in <a href="https://github.com/toml-rs/toml/compare/v0.23.4...v0.23.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=toml_edit&package-manager=cargo&previous-version=0.23.4&new-version=0.23.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:44:14 -08:00
version = "1.0.4"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump toml_edit from 0.23.4 to 0.23.5 in /codex-rs (#7223) Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.23.4 to 0.23.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/toml-rs/toml/commit/4695fb02fc3902345ffbfb54fd5df6adcc3bbd4d"><code>4695fb0</code></a> chore: Release</li> <li><a href="https://github.com/toml-rs/toml/commit/6a77ed71cf68369e823f7827b34eaa2a06d0126d"><code>6a77ed7</code></a> docs: Update changelog</li> <li><a href="https://github.com/toml-rs/toml/commit/c1e81979644a7a80141ab2d0ca284a4560eb4079"><code>c1e8197</code></a> refactor: Switch serde dependency to serde_core (<a href="https://redirect.github.com/toml-rs/toml/issues/1036">#1036</a>)</li> <li><a href="https://github.com/toml-rs/toml/commit/d85d6cd61cf122ee44db8834bc2a55e881bb0750"><code>d85d6cd</code></a> refactor: Switch serde dependency to serde_core</li> <li>See full diff in <a href="https://github.com/toml-rs/toml/compare/v0.23.4...v0.23.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=toml_edit&package-manager=cargo&previous-version=0.23.4&new-version=0.23.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:44:14 -08:00
checksum = "df8b2b54733674ad286d16267dcfc7a71ed5c776e4ac7aa3c3e2561f7c637bf2"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
[[package]]
name = "tonic"
version = "0.13.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7e581ba15a835f4d9ea06c55ab1bd4dce26fc53752c69a04aac00703bfb49ba9"
dependencies = [
"async-trait",
"axum",
"base64",
"bytes",
"h2",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"http-body",
"http-body-util",
"hyper",
"hyper-timeout",
"hyper-util",
"percent-encoding",
"pin-project",
"prost",
[codex][otel] support mtls configuration (#6228) fix for https://github.com/openai/codex/issues/6153 supports mTLS configuration and includes TLS features in the library build to enable secure HTTPS connections with custom root certificates. grpc: https://docs.rs/tonic/0.13.1/src/tonic/transport/channel/endpoint.rs.html#63 https: https://docs.rs/reqwest/0.12.23/src/reqwest/async_impl/client.rs.html#516
2025-11-18 14:01:01 -08:00
"rustls-native-certs",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"socket2 0.5.10",
"tokio",
[codex][otel] support mtls configuration (#6228) fix for https://github.com/openai/codex/issues/6153 supports mTLS configuration and includes TLS features in the library build to enable secure HTTPS connections with custom root certificates. grpc: https://docs.rs/tonic/0.13.1/src/tonic/transport/channel/endpoint.rs.html#63 https: https://docs.rs/reqwest/0.12.23/src/reqwest/async_impl/client.rs.html#516
2025-11-18 14:01:01 -08:00
"tokio-rustls",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"tokio-stream",
"tower",
"tower-layer",
"tower-service",
"tracing",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "tower"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d039ad9159c98b70ecfd540b2573b97f7f52c3e8d9f8ad57a24b916a536975f9"
dependencies = [
"futures-core",
"futures-util",
chore(deps): bump indexmap from 2.10.0 to 2.11.4 in /codex-rs (#4804) Bumps [indexmap](https://github.com/indexmap-rs/indexmap) from 2.10.0 to 2.11.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/indexmap-rs/indexmap/blob/main/RELEASES.md">indexmap's changelog</a>.</em></p> <blockquote> <h2>2.11.4 (2025-09-18)</h2> <ul> <li>Updated the <code>hashbrown</code> dependency to a range allowing 0.15 or 0.16.</li> </ul> <h2>2.11.3 (2025-09-15)</h2> <ul> <li>Make the minimum <code>serde</code> version only apply when &quot;serde&quot; is enabled.</li> </ul> <h2>2.11.2 (2025-09-15)</h2> <ul> <li>Switched the &quot;serde&quot; feature to depend on <code>serde_core</code>, improving build parallelism in cases where other dependents have enabled &quot;serde/derive&quot;.</li> </ul> <h2>2.11.1 (2025-09-08)</h2> <ul> <li>Added a <code>get_key_value_mut</code> method to <code>IndexMap</code>.</li> <li>Removed the unnecessary <code>Ord</code> bound on <code>insert_sorted_by</code> methods.</li> </ul> <h2>2.11.0 (2025-08-22)</h2> <ul> <li>Added <code>insert_sorted_by</code> and <code>insert_sorted_by_key</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code>, like customizable versions of <code>insert_sorted</code>.</li> <li>Added <code>is_sorted</code>, <code>is_sorted_by</code>, and <code>is_sorted_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as their <code>Slice</code> counterparts.</li> <li>Added <code>sort_by_key</code> and <code>sort_unstable_by_key</code> methods to <code>IndexMap</code> and <code>IndexSet</code>, as well as parallel counterparts.</li> <li>Added <code>replace_index</code> methods to <code>IndexMap</code>, <code>IndexSet</code>, and <code>VacantEntry</code> to replace the key (or set value) at a given index.</li> <li>Added optional <code>sval</code> serialization support.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/indexmap-rs/indexmap/commit/03f9e58626ad7ef811b1522097bced2400c18b1a"><code>03f9e58</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/418">#418</a> from a1phyr/hashbrown_0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/ee6080d480eea3b738757c6bff1bb21b440f3849"><code>ee6080d</code></a> Release 2.11.4</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/a7da8f181e81f8a37bc46936bf2d1d6db14edddc"><code>a7da8f1</code></a> Use a range for hashbrown</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/0cd5aefb4434fb495cb87ba5de50870d331558fc"><code>0cd5aef</code></a> Update <code>hashbrown</code> to 0.16</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/fd5c819daf8c3c62919ec0bbc777a571ee20ae5a"><code>fd5c819</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/417">#417</a> from cuviper/release-2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/9321145e1f517f31969c0d9ab5a5171cc23c3daf"><code>9321145</code></a> Release 2.11.3</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/7b485688c299ed840d900b5a33aed33a1924a7c9"><code>7b48568</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/416">#416</a> from cuviper/release-2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/49ce7fa4716e24cf9380653a40d88b5186f2f555"><code>49ce7fa</code></a> Release 2.11.2</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/58fd834804415879eb9be862291eba03e945e32a"><code>58fd834</code></a> Merge pull request <a href="https://redirect.github.com/indexmap-rs/indexmap/issues/414">#414</a> from DaniPopes/serde_core</li> <li><a href="https://github.com/indexmap-rs/indexmap/commit/5dc1d6ab3105739ae61039f422e5246f0eee4f64"><code>5dc1d6a</code></a> Depend on <code>serde_core</code> instead of <code>serde</code></li> <li>Additional commits viewable in <a href="https://github.com/indexmap-rs/indexmap/compare/2.10.0...2.11.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=indexmap&package-manager=cargo&previous-version=2.10.0&new-version=2.11.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-31 10:15:52 -07:00
"indexmap 2.12.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"pin-project-lite",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"slab",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"sync_wrapper",
"tokio",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"tokio-util",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"tower-layer",
"tower-service",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
"tracing",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
[[package]]
name = "tower-http"
version = "0.6.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "adc82fd73de2a9722ac5da747f12383d2bfdb93591ee6c58486e0097890f05f2"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"bytes",
"futures-util",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"http-body",
"iri-string",
"pin-project-lite",
"tower",
"tower-layer",
"tower-service",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "tower-layer"
version = "0.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "121c2a6cda46980bb0fcd1647ffaf6cd3fc79a013de288782836f6df9c48780e"
[[package]]
name = "tower-service"
version = "0.3.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8df9b6e13f2d32c91b9bd719c00d1958837bc7dec474d94952798cc8e69eeec3"
[[package]]
name = "tracing"
chore(deps): bump tracing from 0.1.41 to 0.1.43 in /codex-rs (#7428) Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.41 to 0.1.43. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing's releases</a>.</em></p> <blockquote> <h2>tracing 0.1.43</h2> <h4>Important</h4> <p>The previous release [0.1.42] was yanked because <a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a> was a breaking change. See further details in <a href="https://redirect.github.com/tokio-rs/tracing/issues/3424">#3424</a>. This release contains all the changes from that version, plus a revert for the problematic part of the breaking PR.</p> <h3>Fixed</h3> <ul> <li>Revert &quot;make <code>valueset</code> macro sanitary&quot; (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3382">tokio-rs/tracing#3382</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3424">#3424</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3424">tokio-rs/tracing#3424</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3425">tokio-rs/tracing#3425</a> [0.1.42]: <a href="https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42">https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42</a></p> <h2>tracing 0.1.42</h2> <h3>Important</h3> <p>The [<code>Span::record_all</code>] method has been removed from the documented API. It was always unsuable via the documented API as it requried a <code>ValueSet</code> which has no publically documented constructors. The method remains, but should not be used outside of <code>tracing</code> macros.</p> <h3>Added</h3> <ul> <li><strong>attributes</strong>: Support constant expressions as instrument field names (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3158">#3158</a>)</li> <li>Add <code>record_all!</code> macro for recording multiple values in one call (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3227">#3227</a>)</li> <li><strong>core</strong>: Improve code generation at trace points significantly (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3398">#3398</a>)</li> </ul> <h3>Changed</h3> <ul> <li><code>tracing-core</code>: updated to 0.1.35 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3414">#3414</a>)</li> <li><code>tracing-attributes</code>: updated to 0.1.31 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3417">#3417</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Fix &quot;name / parent&quot; variant of <code>event!</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2983">#2983</a>)</li> <li>Remove 'r#' prefix from raw identifiers in field names (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3130">#3130</a>)</li> <li>Fix perf regression when <code>release_max_level_*</code> not set (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3373">#3373</a>)</li> <li>Use imported instead of fully qualified path (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3374">#3374</a>)</li> <li>Make <code>valueset</code> macro sanitary (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a>)</li> </ul> <h3>Documented</h3> <ul> <li><strong>core</strong>: Add missing <code>dyn</code> keyword in <code>Visit</code> documentation code sample (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3387">#3387</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tracing/issues/2983">#2983</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#2983%5D(https://redirect.github.com/tokio-rs/tracing/issues/2983)">tokio-rs/tracing#2983</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3130">#3130</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#3130%5D(https://redirect.github.com/tokio-rs/tracing/issues/3130)">tokio-rs/tracing#3130</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3158">#3158</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#3158%5D(https://redirect.github.com/tokio-rs/tracing/issues/3158)">tokio-rs/tracing#3158</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/64e1c8d3ae5cf5deab40ad3d376c8595d4e4db7f"><code>64e1c8d</code></a> chore: prepare tracing 0.1.43 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3427">#3427</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/7c44f7bb213db649e93746de0677bd34d2576ff2"><code>7c44f7b</code></a> tracing: revert &quot;make <code>valueset</code> macro sanitary&quot; (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/cdaf661c1373777030b812c003c7075d95685112"><code>cdaf661</code></a> chore: prepare tracing-mock 0.1.0-beta.2 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3422">#3422</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/a164fd30217cc5980d141ed7e817d01b14c99040"><code>a164fd3</code></a> chore: prepare tracing-journald 0.3.2 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3421">#3421</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/405397b8cc4e6edd3f8d0324c0618502c455ecdc"><code>405397b</code></a> chore: prepare tracing-appender 0.2.4 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3420">#3420</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/a9eeed7394115831d504b52565206ba0ecc2affe"><code>a9eeed7</code></a> chore: prepare tracing-subscriber 0.3.21 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3419">#3419</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/5bd550547899f72a6b0464220bdad1162b383960"><code>5bd5505</code></a> chore: prepare tracing 0.1.42 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3418">#3418</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/55086231ec4aaeffcaab9932e696f40278f06bd1"><code>5508623</code></a> chore: prepare tracing-attributes 0.1.31 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3417">#3417</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d92b4c0feb00960902410b68f71521d36c699d85"><code>d92b4c0</code></a> chore: prepare tracing-core 0.1.35 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3414">#3414</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/9751b6e776fc999263c49e29515bf1d3eb7260d5"><code>9751b6e</code></a> chore: run <code>tracing-subscriber</code> tests with all features (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3412">#3412</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-0.1.41...tracing-0.1.43">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing&package-manager=cargo&previous-version=0.1.41&new-version=0.1.43)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:36:03 -08:00
version = "0.1.43"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump tracing from 0.1.41 to 0.1.43 in /codex-rs (#7428) Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.41 to 0.1.43. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing's releases</a>.</em></p> <blockquote> <h2>tracing 0.1.43</h2> <h4>Important</h4> <p>The previous release [0.1.42] was yanked because <a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a> was a breaking change. See further details in <a href="https://redirect.github.com/tokio-rs/tracing/issues/3424">#3424</a>. This release contains all the changes from that version, plus a revert for the problematic part of the breaking PR.</p> <h3>Fixed</h3> <ul> <li>Revert &quot;make <code>valueset</code> macro sanitary&quot; (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3382">tokio-rs/tracing#3382</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3424">#3424</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3424">tokio-rs/tracing#3424</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3425">tokio-rs/tracing#3425</a> [0.1.42]: <a href="https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42">https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42</a></p> <h2>tracing 0.1.42</h2> <h3>Important</h3> <p>The [<code>Span::record_all</code>] method has been removed from the documented API. It was always unsuable via the documented API as it requried a <code>ValueSet</code> which has no publically documented constructors. The method remains, but should not be used outside of <code>tracing</code> macros.</p> <h3>Added</h3> <ul> <li><strong>attributes</strong>: Support constant expressions as instrument field names (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3158">#3158</a>)</li> <li>Add <code>record_all!</code> macro for recording multiple values in one call (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3227">#3227</a>)</li> <li><strong>core</strong>: Improve code generation at trace points significantly (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3398">#3398</a>)</li> </ul> <h3>Changed</h3> <ul> <li><code>tracing-core</code>: updated to 0.1.35 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3414">#3414</a>)</li> <li><code>tracing-attributes</code>: updated to 0.1.31 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3417">#3417</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Fix &quot;name / parent&quot; variant of <code>event!</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2983">#2983</a>)</li> <li>Remove 'r#' prefix from raw identifiers in field names (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3130">#3130</a>)</li> <li>Fix perf regression when <code>release_max_level_*</code> not set (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3373">#3373</a>)</li> <li>Use imported instead of fully qualified path (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3374">#3374</a>)</li> <li>Make <code>valueset</code> macro sanitary (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a>)</li> </ul> <h3>Documented</h3> <ul> <li><strong>core</strong>: Add missing <code>dyn</code> keyword in <code>Visit</code> documentation code sample (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3387">#3387</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tracing/issues/2983">#2983</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#2983%5D(https://redirect.github.com/tokio-rs/tracing/issues/2983)">tokio-rs/tracing#2983</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3130">#3130</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#3130%5D(https://redirect.github.com/tokio-rs/tracing/issues/3130)">tokio-rs/tracing#3130</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3158">#3158</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#3158%5D(https://redirect.github.com/tokio-rs/tracing/issues/3158)">tokio-rs/tracing#3158</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/64e1c8d3ae5cf5deab40ad3d376c8595d4e4db7f"><code>64e1c8d</code></a> chore: prepare tracing 0.1.43 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3427">#3427</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/7c44f7bb213db649e93746de0677bd34d2576ff2"><code>7c44f7b</code></a> tracing: revert &quot;make <code>valueset</code> macro sanitary&quot; (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/cdaf661c1373777030b812c003c7075d95685112"><code>cdaf661</code></a> chore: prepare tracing-mock 0.1.0-beta.2 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3422">#3422</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/a164fd30217cc5980d141ed7e817d01b14c99040"><code>a164fd3</code></a> chore: prepare tracing-journald 0.3.2 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3421">#3421</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/405397b8cc4e6edd3f8d0324c0618502c455ecdc"><code>405397b</code></a> chore: prepare tracing-appender 0.2.4 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3420">#3420</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/a9eeed7394115831d504b52565206ba0ecc2affe"><code>a9eeed7</code></a> chore: prepare tracing-subscriber 0.3.21 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3419">#3419</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/5bd550547899f72a6b0464220bdad1162b383960"><code>5bd5505</code></a> chore: prepare tracing 0.1.42 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3418">#3418</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/55086231ec4aaeffcaab9932e696f40278f06bd1"><code>5508623</code></a> chore: prepare tracing-attributes 0.1.31 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3417">#3417</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d92b4c0feb00960902410b68f71521d36c699d85"><code>d92b4c0</code></a> chore: prepare tracing-core 0.1.35 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3414">#3414</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/9751b6e776fc999263c49e29515bf1d3eb7260d5"><code>9751b6e</code></a> chore: run <code>tracing-subscriber</code> tests with all features (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3412">#3412</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-0.1.41...tracing-0.1.43">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing&package-manager=cargo&previous-version=0.1.41&new-version=0.1.43)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:36:03 -08:00
checksum = "2d15d90a0b5c19378952d479dc858407149d7bb45a14de0142f6c534b16fc647"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"log",
"pin-project-lite",
"tracing-attributes",
"tracing-core",
]
[[package]]
name = "tracing-appender"
version = "0.2.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3566e8ce28cc0a3fe42519fc80e6b4c943cc4c8cef275620eb8dac2d3d4e06cf"
dependencies = [
"crossbeam-channel",
"thiserror 1.0.69",
"time",
"tracing-subscriber",
]
[[package]]
name = "tracing-attributes"
chore(deps): bump tracing from 0.1.41 to 0.1.43 in /codex-rs (#7428) Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.41 to 0.1.43. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing's releases</a>.</em></p> <blockquote> <h2>tracing 0.1.43</h2> <h4>Important</h4> <p>The previous release [0.1.42] was yanked because <a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a> was a breaking change. See further details in <a href="https://redirect.github.com/tokio-rs/tracing/issues/3424">#3424</a>. This release contains all the changes from that version, plus a revert for the problematic part of the breaking PR.</p> <h3>Fixed</h3> <ul> <li>Revert &quot;make <code>valueset</code> macro sanitary&quot; (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3382">tokio-rs/tracing#3382</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3424">#3424</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3424">tokio-rs/tracing#3424</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3425">tokio-rs/tracing#3425</a> [0.1.42]: <a href="https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42">https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42</a></p> <h2>tracing 0.1.42</h2> <h3>Important</h3> <p>The [<code>Span::record_all</code>] method has been removed from the documented API. It was always unsuable via the documented API as it requried a <code>ValueSet</code> which has no publically documented constructors. The method remains, but should not be used outside of <code>tracing</code> macros.</p> <h3>Added</h3> <ul> <li><strong>attributes</strong>: Support constant expressions as instrument field names (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3158">#3158</a>)</li> <li>Add <code>record_all!</code> macro for recording multiple values in one call (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3227">#3227</a>)</li> <li><strong>core</strong>: Improve code generation at trace points significantly (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3398">#3398</a>)</li> </ul> <h3>Changed</h3> <ul> <li><code>tracing-core</code>: updated to 0.1.35 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3414">#3414</a>)</li> <li><code>tracing-attributes</code>: updated to 0.1.31 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3417">#3417</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Fix &quot;name / parent&quot; variant of <code>event!</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2983">#2983</a>)</li> <li>Remove 'r#' prefix from raw identifiers in field names (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3130">#3130</a>)</li> <li>Fix perf regression when <code>release_max_level_*</code> not set (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3373">#3373</a>)</li> <li>Use imported instead of fully qualified path (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3374">#3374</a>)</li> <li>Make <code>valueset</code> macro sanitary (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a>)</li> </ul> <h3>Documented</h3> <ul> <li><strong>core</strong>: Add missing <code>dyn</code> keyword in <code>Visit</code> documentation code sample (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3387">#3387</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tracing/issues/2983">#2983</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#2983%5D(https://redirect.github.com/tokio-rs/tracing/issues/2983)">tokio-rs/tracing#2983</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3130">#3130</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#3130%5D(https://redirect.github.com/tokio-rs/tracing/issues/3130)">tokio-rs/tracing#3130</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3158">#3158</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#3158%5D(https://redirect.github.com/tokio-rs/tracing/issues/3158)">tokio-rs/tracing#3158</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/64e1c8d3ae5cf5deab40ad3d376c8595d4e4db7f"><code>64e1c8d</code></a> chore: prepare tracing 0.1.43 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3427">#3427</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/7c44f7bb213db649e93746de0677bd34d2576ff2"><code>7c44f7b</code></a> tracing: revert &quot;make <code>valueset</code> macro sanitary&quot; (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/cdaf661c1373777030b812c003c7075d95685112"><code>cdaf661</code></a> chore: prepare tracing-mock 0.1.0-beta.2 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3422">#3422</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/a164fd30217cc5980d141ed7e817d01b14c99040"><code>a164fd3</code></a> chore: prepare tracing-journald 0.3.2 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3421">#3421</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/405397b8cc4e6edd3f8d0324c0618502c455ecdc"><code>405397b</code></a> chore: prepare tracing-appender 0.2.4 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3420">#3420</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/a9eeed7394115831d504b52565206ba0ecc2affe"><code>a9eeed7</code></a> chore: prepare tracing-subscriber 0.3.21 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3419">#3419</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/5bd550547899f72a6b0464220bdad1162b383960"><code>5bd5505</code></a> chore: prepare tracing 0.1.42 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3418">#3418</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/55086231ec4aaeffcaab9932e696f40278f06bd1"><code>5508623</code></a> chore: prepare tracing-attributes 0.1.31 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3417">#3417</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d92b4c0feb00960902410b68f71521d36c699d85"><code>d92b4c0</code></a> chore: prepare tracing-core 0.1.35 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3414">#3414</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/9751b6e776fc999263c49e29515bf1d3eb7260d5"><code>9751b6e</code></a> chore: run <code>tracing-subscriber</code> tests with all features (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3412">#3412</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-0.1.41...tracing-0.1.43">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing&package-manager=cargo&previous-version=0.1.41&new-version=0.1.43)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:36:03 -08:00
version = "0.1.31"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump tracing from 0.1.41 to 0.1.43 in /codex-rs (#7428) Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.41 to 0.1.43. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing's releases</a>.</em></p> <blockquote> <h2>tracing 0.1.43</h2> <h4>Important</h4> <p>The previous release [0.1.42] was yanked because <a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a> was a breaking change. See further details in <a href="https://redirect.github.com/tokio-rs/tracing/issues/3424">#3424</a>. This release contains all the changes from that version, plus a revert for the problematic part of the breaking PR.</p> <h3>Fixed</h3> <ul> <li>Revert &quot;make <code>valueset</code> macro sanitary&quot; (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3382">tokio-rs/tracing#3382</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3424">#3424</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3424">tokio-rs/tracing#3424</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3425">tokio-rs/tracing#3425</a> [0.1.42]: <a href="https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42">https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42</a></p> <h2>tracing 0.1.42</h2> <h3>Important</h3> <p>The [<code>Span::record_all</code>] method has been removed from the documented API. It was always unsuable via the documented API as it requried a <code>ValueSet</code> which has no publically documented constructors. The method remains, but should not be used outside of <code>tracing</code> macros.</p> <h3>Added</h3> <ul> <li><strong>attributes</strong>: Support constant expressions as instrument field names (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3158">#3158</a>)</li> <li>Add <code>record_all!</code> macro for recording multiple values in one call (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3227">#3227</a>)</li> <li><strong>core</strong>: Improve code generation at trace points significantly (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3398">#3398</a>)</li> </ul> <h3>Changed</h3> <ul> <li><code>tracing-core</code>: updated to 0.1.35 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3414">#3414</a>)</li> <li><code>tracing-attributes</code>: updated to 0.1.31 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3417">#3417</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Fix &quot;name / parent&quot; variant of <code>event!</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2983">#2983</a>)</li> <li>Remove 'r#' prefix from raw identifiers in field names (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3130">#3130</a>)</li> <li>Fix perf regression when <code>release_max_level_*</code> not set (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3373">#3373</a>)</li> <li>Use imported instead of fully qualified path (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3374">#3374</a>)</li> <li>Make <code>valueset</code> macro sanitary (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a>)</li> </ul> <h3>Documented</h3> <ul> <li><strong>core</strong>: Add missing <code>dyn</code> keyword in <code>Visit</code> documentation code sample (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3387">#3387</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tracing/issues/2983">#2983</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#2983%5D(https://redirect.github.com/tokio-rs/tracing/issues/2983)">tokio-rs/tracing#2983</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3130">#3130</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#3130%5D(https://redirect.github.com/tokio-rs/tracing/issues/3130)">tokio-rs/tracing#3130</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3158">#3158</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#3158%5D(https://redirect.github.com/tokio-rs/tracing/issues/3158)">tokio-rs/tracing#3158</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/64e1c8d3ae5cf5deab40ad3d376c8595d4e4db7f"><code>64e1c8d</code></a> chore: prepare tracing 0.1.43 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3427">#3427</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/7c44f7bb213db649e93746de0677bd34d2576ff2"><code>7c44f7b</code></a> tracing: revert &quot;make <code>valueset</code> macro sanitary&quot; (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/cdaf661c1373777030b812c003c7075d95685112"><code>cdaf661</code></a> chore: prepare tracing-mock 0.1.0-beta.2 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3422">#3422</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/a164fd30217cc5980d141ed7e817d01b14c99040"><code>a164fd3</code></a> chore: prepare tracing-journald 0.3.2 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3421">#3421</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/405397b8cc4e6edd3f8d0324c0618502c455ecdc"><code>405397b</code></a> chore: prepare tracing-appender 0.2.4 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3420">#3420</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/a9eeed7394115831d504b52565206ba0ecc2affe"><code>a9eeed7</code></a> chore: prepare tracing-subscriber 0.3.21 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3419">#3419</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/5bd550547899f72a6b0464220bdad1162b383960"><code>5bd5505</code></a> chore: prepare tracing 0.1.42 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3418">#3418</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/55086231ec4aaeffcaab9932e696f40278f06bd1"><code>5508623</code></a> chore: prepare tracing-attributes 0.1.31 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3417">#3417</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d92b4c0feb00960902410b68f71521d36c699d85"><code>d92b4c0</code></a> chore: prepare tracing-core 0.1.35 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3414">#3414</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/9751b6e776fc999263c49e29515bf1d3eb7260d5"><code>9751b6e</code></a> chore: run <code>tracing-subscriber</code> tests with all features (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3412">#3412</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-0.1.41...tracing-0.1.43">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing&package-manager=cargo&previous-version=0.1.41&new-version=0.1.43)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:36:03 -08:00
checksum = "7490cfa5ec963746568740651ac6781f701c9c5ea257c58e057f3ba8cf69e8da"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "tracing-core"
chore(deps): bump tracing from 0.1.41 to 0.1.43 in /codex-rs (#7428) Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.41 to 0.1.43. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing's releases</a>.</em></p> <blockquote> <h2>tracing 0.1.43</h2> <h4>Important</h4> <p>The previous release [0.1.42] was yanked because <a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a> was a breaking change. See further details in <a href="https://redirect.github.com/tokio-rs/tracing/issues/3424">#3424</a>. This release contains all the changes from that version, plus a revert for the problematic part of the breaking PR.</p> <h3>Fixed</h3> <ul> <li>Revert &quot;make <code>valueset</code> macro sanitary&quot; (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3382">tokio-rs/tracing#3382</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3424">#3424</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3424">tokio-rs/tracing#3424</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3425">tokio-rs/tracing#3425</a> [0.1.42]: <a href="https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42">https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42</a></p> <h2>tracing 0.1.42</h2> <h3>Important</h3> <p>The [<code>Span::record_all</code>] method has been removed from the documented API. It was always unsuable via the documented API as it requried a <code>ValueSet</code> which has no publically documented constructors. The method remains, but should not be used outside of <code>tracing</code> macros.</p> <h3>Added</h3> <ul> <li><strong>attributes</strong>: Support constant expressions as instrument field names (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3158">#3158</a>)</li> <li>Add <code>record_all!</code> macro for recording multiple values in one call (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3227">#3227</a>)</li> <li><strong>core</strong>: Improve code generation at trace points significantly (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3398">#3398</a>)</li> </ul> <h3>Changed</h3> <ul> <li><code>tracing-core</code>: updated to 0.1.35 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3414">#3414</a>)</li> <li><code>tracing-attributes</code>: updated to 0.1.31 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3417">#3417</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Fix &quot;name / parent&quot; variant of <code>event!</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2983">#2983</a>)</li> <li>Remove 'r#' prefix from raw identifiers in field names (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3130">#3130</a>)</li> <li>Fix perf regression when <code>release_max_level_*</code> not set (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3373">#3373</a>)</li> <li>Use imported instead of fully qualified path (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3374">#3374</a>)</li> <li>Make <code>valueset</code> macro sanitary (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a>)</li> </ul> <h3>Documented</h3> <ul> <li><strong>core</strong>: Add missing <code>dyn</code> keyword in <code>Visit</code> documentation code sample (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3387">#3387</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tracing/issues/2983">#2983</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#2983%5D(https://redirect.github.com/tokio-rs/tracing/issues/2983)">tokio-rs/tracing#2983</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3130">#3130</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#3130%5D(https://redirect.github.com/tokio-rs/tracing/issues/3130)">tokio-rs/tracing#3130</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3158">#3158</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#3158%5D(https://redirect.github.com/tokio-rs/tracing/issues/3158)">tokio-rs/tracing#3158</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/64e1c8d3ae5cf5deab40ad3d376c8595d4e4db7f"><code>64e1c8d</code></a> chore: prepare tracing 0.1.43 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3427">#3427</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/7c44f7bb213db649e93746de0677bd34d2576ff2"><code>7c44f7b</code></a> tracing: revert &quot;make <code>valueset</code> macro sanitary&quot; (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/cdaf661c1373777030b812c003c7075d95685112"><code>cdaf661</code></a> chore: prepare tracing-mock 0.1.0-beta.2 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3422">#3422</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/a164fd30217cc5980d141ed7e817d01b14c99040"><code>a164fd3</code></a> chore: prepare tracing-journald 0.3.2 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3421">#3421</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/405397b8cc4e6edd3f8d0324c0618502c455ecdc"><code>405397b</code></a> chore: prepare tracing-appender 0.2.4 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3420">#3420</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/a9eeed7394115831d504b52565206ba0ecc2affe"><code>a9eeed7</code></a> chore: prepare tracing-subscriber 0.3.21 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3419">#3419</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/5bd550547899f72a6b0464220bdad1162b383960"><code>5bd5505</code></a> chore: prepare tracing 0.1.42 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3418">#3418</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/55086231ec4aaeffcaab9932e696f40278f06bd1"><code>5508623</code></a> chore: prepare tracing-attributes 0.1.31 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3417">#3417</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d92b4c0feb00960902410b68f71521d36c699d85"><code>d92b4c0</code></a> chore: prepare tracing-core 0.1.35 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3414">#3414</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/9751b6e776fc999263c49e29515bf1d3eb7260d5"><code>9751b6e</code></a> chore: run <code>tracing-subscriber</code> tests with all features (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3412">#3412</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-0.1.41...tracing-0.1.43">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing&package-manager=cargo&previous-version=0.1.41&new-version=0.1.43)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:36:03 -08:00
version = "0.1.35"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump tracing from 0.1.41 to 0.1.43 in /codex-rs (#7428) Bumps [tracing](https://github.com/tokio-rs/tracing) from 0.1.41 to 0.1.43. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing's releases</a>.</em></p> <blockquote> <h2>tracing 0.1.43</h2> <h4>Important</h4> <p>The previous release [0.1.42] was yanked because <a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a> was a breaking change. See further details in <a href="https://redirect.github.com/tokio-rs/tracing/issues/3424">#3424</a>. This release contains all the changes from that version, plus a revert for the problematic part of the breaking PR.</p> <h3>Fixed</h3> <ul> <li>Revert &quot;make <code>valueset</code> macro sanitary&quot; (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3382">tokio-rs/tracing#3382</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3424">#3424</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3424">tokio-rs/tracing#3424</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/3425">tokio-rs/tracing#3425</a> [0.1.42]: <a href="https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42">https://github.com/tokio-rs/tracing/releases/tag/tracing-0.1.42</a></p> <h2>tracing 0.1.42</h2> <h3>Important</h3> <p>The [<code>Span::record_all</code>] method has been removed from the documented API. It was always unsuable via the documented API as it requried a <code>ValueSet</code> which has no publically documented constructors. The method remains, but should not be used outside of <code>tracing</code> macros.</p> <h3>Added</h3> <ul> <li><strong>attributes</strong>: Support constant expressions as instrument field names (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3158">#3158</a>)</li> <li>Add <code>record_all!</code> macro for recording multiple values in one call (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3227">#3227</a>)</li> <li><strong>core</strong>: Improve code generation at trace points significantly (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3398">#3398</a>)</li> </ul> <h3>Changed</h3> <ul> <li><code>tracing-core</code>: updated to 0.1.35 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3414">#3414</a>)</li> <li><code>tracing-attributes</code>: updated to 0.1.31 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3417">#3417</a>)</li> </ul> <h3>Fixed</h3> <ul> <li>Fix &quot;name / parent&quot; variant of <code>event!</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2983">#2983</a>)</li> <li>Remove 'r#' prefix from raw identifiers in field names (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3130">#3130</a>)</li> <li>Fix perf regression when <code>release_max_level_*</code> not set (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3373">#3373</a>)</li> <li>Use imported instead of fully qualified path (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3374">#3374</a>)</li> <li>Make <code>valueset</code> macro sanitary (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3382">#3382</a>)</li> </ul> <h3>Documented</h3> <ul> <li><strong>core</strong>: Add missing <code>dyn</code> keyword in <code>Visit</code> documentation code sample (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3387">#3387</a>)</li> </ul> <p><a href="https://redirect.github.com/tokio-rs/tracing/issues/2983">#2983</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#2983%5D(https://redirect.github.com/tokio-rs/tracing/issues/2983)">tokio-rs/tracing#2983</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3130">#3130</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#3130%5D(https://redirect.github.com/tokio-rs/tracing/issues/3130)">tokio-rs/tracing#3130</a> <a href="https://redirect.github.com/tokio-rs/tracing/issues/3158">#3158</a>: <a href="https://redirect.github.com/tokio-rs/tracing/pull/%5B#3158%5D(https://redirect.github.com/tokio-rs/tracing/issues/3158)">tokio-rs/tracing#3158</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/64e1c8d3ae5cf5deab40ad3d376c8595d4e4db7f"><code>64e1c8d</code></a> chore: prepare tracing 0.1.43 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3427">#3427</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/7c44f7bb213db649e93746de0677bd34d2576ff2"><code>7c44f7b</code></a> tracing: revert &quot;make <code>valueset</code> macro sanitary&quot; (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3425">#3425</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/cdaf661c1373777030b812c003c7075d95685112"><code>cdaf661</code></a> chore: prepare tracing-mock 0.1.0-beta.2 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3422">#3422</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/a164fd30217cc5980d141ed7e817d01b14c99040"><code>a164fd3</code></a> chore: prepare tracing-journald 0.3.2 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3421">#3421</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/405397b8cc4e6edd3f8d0324c0618502c455ecdc"><code>405397b</code></a> chore: prepare tracing-appender 0.2.4 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3420">#3420</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/a9eeed7394115831d504b52565206ba0ecc2affe"><code>a9eeed7</code></a> chore: prepare tracing-subscriber 0.3.21 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3419">#3419</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/5bd550547899f72a6b0464220bdad1162b383960"><code>5bd5505</code></a> chore: prepare tracing 0.1.42 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3418">#3418</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/55086231ec4aaeffcaab9932e696f40278f06bd1"><code>5508623</code></a> chore: prepare tracing-attributes 0.1.31 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3417">#3417</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d92b4c0feb00960902410b68f71521d36c699d85"><code>d92b4c0</code></a> chore: prepare tracing-core 0.1.35 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3414">#3414</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/9751b6e776fc999263c49e29515bf1d3eb7260d5"><code>9751b6e</code></a> chore: run <code>tracing-subscriber</code> tests with all features (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3412">#3412</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-0.1.41...tracing-0.1.43">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing&package-manager=cargo&previous-version=0.1.41&new-version=0.1.43)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-30 20:36:03 -08:00
checksum = "7a04e24fab5c89c6a36eb8558c9656f30d81de51dfa4d3b45f26b21d61fa0a6c"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"once_cell",
"valuable",
]
[[package]]
name = "tracing-error"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8b1581020d7a273442f5b45074a6a57d5757ad0a47dac0e9f0bd57b81936f3db"
dependencies = [
"tracing",
"tracing-subscriber",
]
[[package]]
name = "tracing-log"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ee855f1f400bd0e5c02d150ae5de3840039a3f54b025156404e34c23c03f47c3"
dependencies = [
"log",
"once_cell",
"tracing-core",
]
[codex] add otel tracing (#7844)
2025-12-12 17:07:17 -08:00
[[package]]
name = "tracing-opentelemetry"
version = "0.31.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ddcf5959f39507d0d04d6413119c04f33b623f4f951ebcbdddddfad2d0623a9c"
dependencies = [
"js-sys",
"once_cell",
"opentelemetry",
"opentelemetry_sdk",
"smallvec",
"tracing",
"tracing-core",
"tracing-log",
"tracing-subscriber",
"web-time",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "tracing-subscriber"
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in /codex-rs (#3620) Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = &quot;0.3.20&quot; </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-subscriber&package-manager=cargo&previous-version=0.3.19&new-version=0.3.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:51:33 -07:00
version = "0.3.20"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in /codex-rs (#3620) Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = &quot;0.3.20&quot; </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-subscriber&package-manager=cargo&previous-version=0.3.19&new-version=0.3.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:51:33 -07:00
checksum = "2054a14f5307d601f88daf0553e1cbf472acc4f2c51afab632431cdcd72124d5"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"matchers",
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in /codex-rs (#3620) Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = &quot;0.3.20&quot; </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-subscriber&package-manager=cargo&previous-version=0.3.19&new-version=0.3.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:51:33 -07:00
"nu-ansi-term",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"once_cell",
chore(deps): bump tracing-subscriber from 0.3.19 to 0.3.20 in /codex-rs (#3620) Bumps [tracing-subscriber](https://github.com/tokio-rs/tracing) from 0.3.19 to 0.3.20. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tokio-rs/tracing/releases">tracing-subscriber's releases</a>.</em></p> <blockquote> <h2>tracing-subscriber 0.3.20</h2> <p><strong>Security Fix</strong>: ANSI Escape Sequence Injection (CVE-TBD)</p> <h2>Impact</h2> <p>Previous versions of tracing-subscriber were vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into terminal output when logged, potentially allowing attackers to:</p> <ul> <li>Manipulate terminal title bars</li> <li>Clear screens or modify terminal display</li> <li>Potentially mislead users through terminal manipulation</li> </ul> <p>In isolation, impact is minimal, however security issues have been found in terminal emulators that enabled an attacker to use ANSI escape sequences via logs to exploit vulnerabilities in the terminal emulator.</p> <h2>Solution</h2> <p>Version 0.3.20 fixes this vulnerability by escaping ANSI control characters in when writing events to destinations that may be printed to the terminal.</p> <h2>Affected Versions</h2> <p>All versions of tracing-subscriber prior to 0.3.20 are affected by this vulnerability.</p> <h2>Recommendations</h2> <p>Immediate Action Required: We recommend upgrading to tracing-subscriber 0.3.20 immediately, especially if your application:</p> <ul> <li>Logs user-provided input (form data, HTTP headers, query parameters, etc.)</li> <li>Runs in environments where terminal output is displayed to users</li> </ul> <h2>Migration</h2> <p>This is a patch release with no breaking API changes. Simply update your Cargo.toml:</p> <pre lang="toml"><code>[dependencies] tracing-subscriber = &quot;0.3.20&quot; </code></pre> <h2>Acknowledgments</h2> <p>We would like to thank <a href="http://github.com/zefr0x">zefr0x</a> who responsibly reported the issue at <code>security@tokio.rs</code>.</p> <p>If you believe you have found a security vulnerability in any tokio-rs project, please email us at <code>security@tokio.rs</code>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tokio-rs/tracing/commit/4c52ca5266a3920fc5dfeebda2accf15ee7fb278"><code>4c52ca5</code></a> fmt: fix ANSI escape sequence injection vulnerability (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3368">#3368</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/f71cebe41e4c12735b1d19ca804428d4ff7d905d"><code>f71cebe</code></a> subscriber: impl Clone for EnvFilter (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3360">#3360</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/3a1f571102b38bcdca13d59f3c454989d179055d"><code>3a1f571</code></a> Fix CI (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3361">#3361</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e63ef57f3d686abe3727ddd586eb9af73d6715b7"><code>e63ef57</code></a> chore: prepare tracing-attributes 0.1.30 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3316">#3316</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e59a13b1a7bcdd78b8b5a7cbcf70a0b2cdd76f0"><code>6e59a13</code></a> attributes: fix tracing::instrument regression around shadowing (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3311">#3311</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/e4df76127538aa8370d7dee32a6f84bbec6bbf10"><code>e4df761</code></a> tracing: update core to 0.1.34 and attributes to 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3305">#3305</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/643f392ebb73c4fb856f56a78c066c82582dd22c"><code>643f392</code></a> chore: prepare tracing-attributes 0.1.29 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3304">#3304</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/d08e7a6eea1833810ea527e18ea03b08cd402c9d"><code>d08e7a6</code></a> chore: prepare tracing-core 0.1.34 (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3302">#3302</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/6e70c571d319a033d5f37c885ccf99aa675a9eac"><code>6e70c57</code></a> tracing-subscriber: count numbers of enters in <code>Timings</code> (<a href="https://redirect.github.com/tokio-rs/tracing/issues/2944">#2944</a>)</li> <li><a href="https://github.com/tokio-rs/tracing/commit/c01d4fd9def2fb061669a310598095c789ca0a32"><code>c01d4fd</code></a> fix docs and enable CI on <code>main</code> branch (<a href="https://redirect.github.com/tokio-rs/tracing/issues/3295">#3295</a>)</li> <li>Additional commits viewable in <a href="https://github.com/tokio-rs/tracing/compare/tracing-subscriber-0.3.19...tracing-subscriber-0.3.20">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tracing-subscriber&package-manager=cargo&previous-version=0.3.19&new-version=0.3.20)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 00:51:33 -07:00
"regex-automata",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"sharded-slab",
"smallvec",
"thread_local",
"tracing",
"tracing-core",
"tracing-log",
]
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
[[package]]
name = "tracing-test"
version = "0.2.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "557b891436fe0d5e0e363427fc7f217abf9ccd510d5136549847bdcbcd011d68"
dependencies = [
"tracing-core",
"tracing-subscriber",
"tracing-test-macro",
]
[[package]]
name = "tracing-test-macro"
version = "0.2.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "04659ddb06c87d233c566112c1c9c5b9e98256d9af50ec3bc9c8327f873a7568"
dependencies = [
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
OpenTelemetry events (#2103) ### Title ## otel Codex can emit [OpenTelemetry](https://opentelemetry.io/) **log events** that describe each run: outbound API requests, streamed responses, user input, tool-approval decisions, and the result of every tool invocation. Export is **disabled by default** so local runs remain self-contained. Opt in by adding an `[otel]` table and choosing an exporter. ```toml [otel] environment = "staging" # defaults to "dev" exporter = "none" # defaults to "none"; set to otlp-http or otlp-grpc to send events log_user_prompt = false # defaults to false; redact prompt text unless explicitly enabled ``` Codex tags every exported event with `service.name = "codex-cli"`, the CLI version, and an `env` attribute so downstream collectors can distinguish dev/staging/prod traffic. Only telemetry produced inside the `codex_otel` crate—the events listed below—is forwarded to the exporter. ### Event catalog Every event shares a common set of metadata fields: `event.timestamp`, `conversation.id`, `app.version`, `auth_mode` (when available), `user.account_id` (when available), `terminal.type`, `model`, and `slug`. With OTEL enabled Codex emits the following event types (in addition to the metadata above): - `codex.api_request` - `cf_ray` (optional) - `attempt` - `duration_ms` - `http.response.status_code` (optional) - `error.message` (failures) - `codex.sse_event` - `event.kind` - `duration_ms` - `error.message` (failures) - `input_token_count` (completion only) - `output_token_count` (completion only) - `cached_token_count` (completion only, optional) - `reasoning_token_count` (completion only, optional) - `tool_token_count` (completion only) - `codex.user_prompt` - `prompt_length` - `prompt` (redacted unless `log_user_prompt = true`) - `codex.tool_decision` - `tool_name` - `call_id` - `decision` (`approved`, `approved_for_session`, `denied`, or `abort`) - `source` (`config` or `user`) - `codex.tool_result` - `tool_name` - `call_id` - `arguments` - `duration_ms` (execution time for the tool) - `success` (`"true"` or `"false"`) - `output` ### Choosing an exporter Set `otel.exporter` to control where events go: - `none` – leaves instrumentation active but skips exporting. This is the default. - `otlp-http` – posts OTLP log records to an OTLP/HTTP collector. Specify the endpoint, protocol, and headers your collector expects: ```toml [otel] exporter = { otlp-http = { endpoint = "https://otel.example.com/v1/logs", protocol = "binary", headers = { "x-otlp-api-key" = "${OTLP_TOKEN}" } }} ``` - `otlp-grpc` – streams OTLP log records over gRPC. Provide the endpoint and any metadata headers: ```toml [otel] exporter = { otlp-grpc = { endpoint = "https://otel.example.com:4317", headers = { "x-otlp-meta" = "abc123" } }} ``` If the exporter is `none` nothing is written anywhere; otherwise you must run or point to your own collector. All exporters run on a background batch worker that is flushed on shutdown. If you build Codex from source the OTEL crate is still behind an `otel` feature flag; the official prebuilt binaries ship with the feature enabled. When the feature is disabled the telemetry hooks become no-ops so the CLI continues to function without the extra dependencies. --------- Co-authored-by: Anton Panasenko <apanasenko@openai.com>
2025-09-29 19:30:55 +01:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "tree-sitter"
feat(tui): switch to tree-sitter-highlight bash highlighting (#4666) use tree-sitter-highlight instead of custom logic over the tree-sitter tree to highlight bash.
2025-10-07 16:20:12 -07:00
version = "0.25.10"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
feat(tui): switch to tree-sitter-highlight bash highlighting (#4666) use tree-sitter-highlight instead of custom logic over the tree-sitter tree to highlight bash.
2025-10-07 16:20:12 -07:00
checksum = "78f873475d258561b06f1c595d93308a7ed124d9977cb26b148c2084a4a3cc87"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"cc",
"regex",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"regex-syntax 0.8.5",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"serde_json",
"streaming-iterator",
"tree-sitter-language",
]
[[package]]
name = "tree-sitter-bash"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.25.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "871b0606e667e98a1237ebdc1b0d7056e0aebfdc3141d12b399865d4cb6ed8a6"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"cc",
"tree-sitter-language",
]
feat(tui): switch to tree-sitter-highlight bash highlighting (#4666) use tree-sitter-highlight instead of custom logic over the tree-sitter tree to highlight bash.
2025-10-07 16:20:12 -07:00
[[package]]
name = "tree-sitter-highlight"
version = "0.25.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "adc5f880ad8d8f94e88cb81c3557024cf1a8b75e3b504c50481ed4f5a6006ff3"
dependencies = [
"regex",
"streaming-iterator",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
feat(tui): switch to tree-sitter-highlight bash highlighting (#4666) use tree-sitter-highlight instead of custom logic over the tree-sitter tree to highlight bash.
2025-10-07 16:20:12 -07:00
"tree-sitter",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "tree-sitter-language"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c4013970217383f67b18aef68f6fb2e8d409bc5755227092d32efb0422ba24b8"
Fix wayland image paste error (#4824) ## Summary - log and surface clipboard failures instead of silently ignoring them when `Ctrl+V` pastes an image (`paste_image_to_temp_png()` now feeds an error history cell) - enable `arboard`’s `wayland-data-control` feature so native Wayland sessions can deliver image data without XWayland - keep the success path unchanged: valid images still attach and show the `[image …]` placeholder as before Fixes #4818 --------- Co-authored-by: Eric Traut <etraut@openai.com> Co-authored-by: Jeremy Rose <172423086+nornagon-openai@users.noreply.github.com>
2025-11-10 19:35:30 -03:00
[[package]]
name = "tree_magic_mini"
version = "3.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f943391d896cdfe8eec03a04d7110332d445be7df856db382dd96a730667562c"
dependencies = [
"memchr",
"nom",
"once_cell",
"petgraph",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "try-lock"
version = "0.2.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e421abadd41a4225275504ea4d6566923418b7f05506fbc9c0fe86ba7396114b"
chore: add TS annotation to generated mcp-types (#2424) Adds the `TS` annotation from https://crates.io/crates/ts-rs to all types to facilitate codegen. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2424). * __->__ #2424 * #2423
2025-08-18 09:38:47 -07:00
[[package]]
name = "ts-rs"
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
version = "11.0.1"
chore: add TS annotation to generated mcp-types (#2424) Adds the `TS` annotation from https://crates.io/crates/ts-rs to all types to facilitate codegen. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2424). * __->__ #2424 * #2423
2025-08-18 09:38:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
checksum = "6ef1b7a6d914a34127ed8e1fa927eb7088903787bcded4fa3eef8f85ee1568be"
chore: add TS annotation to generated mcp-types (#2424) Adds the `TS` annotation from https://crates.io/crates/ts-rs to all types to facilitate codegen. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2424). * __->__ #2424 * #2423
2025-08-18 09:38:47 -07:00
dependencies = [
"serde_json",
chore(deps): bump thiserror from 2.0.16 to 2.0.17 in /codex-rs (#4426) Bumps [thiserror](https://github.com/dtolnay/thiserror) from 2.0.16 to 2.0.17. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/thiserror/releases">thiserror's releases</a>.</em></p> <blockquote> <h2>2.0.17</h2> <ul> <li>Use differently named __private module per patch release (<a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/thiserror/commit/72ae716e6d6a7f7fdabdc394018c745b4d39ca45"><code>72ae716</code></a> Release 2.0.17</li> <li><a href="https://github.com/dtolnay/thiserror/commit/599fdce83aee7767eb87b5af7bb30c37f3ed61e5"><code>599fdce</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/thiserror/issues/434">#434</a> from dtolnay/private</li> <li><a href="https://github.com/dtolnay/thiserror/commit/9ec05f6b38041bfe1ff5a274caec6e054a459aca"><code>9ec05f6</code></a> Use differently named __private module per patch release</li> <li><a href="https://github.com/dtolnay/thiserror/commit/d2c492b5498a0134abcc1677101bec876fe0621a"><code>d2c492b</code></a> Raise minimum tested compiler to rust 1.76</li> <li><a href="https://github.com/dtolnay/thiserror/commit/fc3ab9501d4f2b6df2d7e495dc1cb37ab6e68363"><code>fc3ab95</code></a> Opt in to generate-macro-expansion when building on docs.rs</li> <li><a href="https://github.com/dtolnay/thiserror/commit/819fe29dbb6e41bb937e3fef0469917d7c476c60"><code>819fe29</code></a> Update ui test suite to nightly-2025-09-12</li> <li><a href="https://github.com/dtolnay/thiserror/commit/259f48c549a2b49c00d2d58a204c1a3b4d2fb29a"><code>259f48c</code></a> Enforce trybuild &gt;= 1.0.108</li> <li><a href="https://github.com/dtolnay/thiserror/commit/470e6a681c073f12e29daf64dcec724bfd5871a9"><code>470e6a6</code></a> Update ui test suite to nightly-2025-08-24</li> <li><a href="https://github.com/dtolnay/thiserror/commit/544e191e6e7f2e7cc3ac34b77d9165c30d982463"><code>544e191</code></a> Update actions/checkout@v4 -&gt; v5</li> <li><a href="https://github.com/dtolnay/thiserror/commit/cbc1ebad3e91621ee0f94cf56d131f12fee62a3c"><code>cbc1eba</code></a> Delete duplicate cap-lints flag from build script</li> <li>See full diff in <a href="https://github.com/dtolnay/thiserror/compare/2.0.16...2.0.17">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=thiserror&package-manager=cargo&previous-version=2.0.16&new-version=2.0.17)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days. Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-10-30 19:00:00 -07:00
"thiserror 2.0.17",
chore: add TS annotation to generated mcp-types (#2424) Adds the `TS` annotation from https://crates.io/crates/ts-rs to all types to facilitate codegen. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2424). * __->__ #2424 * #2423
2025-08-18 09:38:47 -07:00
"ts-rs-macros",
protocol-ts (#2425)
2025-08-18 13:08:53 -07:00
"uuid",
chore: add TS annotation to generated mcp-types (#2424) Adds the `TS` annotation from https://crates.io/crates/ts-rs to all types to facilitate codegen. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2424). * __->__ #2424 * #2423
2025-08-18 09:38:47 -07:00
]
[[package]]
name = "ts-rs-macros"
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
version = "11.0.1"
chore: add TS annotation to generated mcp-types (#2424) Adds the `TS` annotation from https://crates.io/crates/ts-rs to all types to facilitate codegen. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2424). * __->__ #2424 * #2423
2025-08-18 09:38:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
Elevated Sandbox 4 (#7889)
2025-12-12 12:30:38 -08:00
checksum = "e9d4ed7b4c18cc150a6a0a1e9ea1ecfa688791220781af6e119f9599a8502a0a"
chore: add TS annotation to generated mcp-types (#2424) Adds the `TS` annotation from https://crates.io/crates/ts-rs to all types to facilitate codegen. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2424). * __->__ #2424 * #2423
2025-08-18 09:38:47 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
chore: add TS annotation to generated mcp-types (#2424) Adds the `TS` annotation from https://crates.io/crates/ts-rs to all types to facilitate codegen. --- [//]: # (BEGIN SAPLING FOOTER) Stack created with [Sapling](https://sapling-scm.com). Best reviewed with [ReviewStack](https://reviewstack.dev/openai/codex/pull/2424). * __->__ #2424 * #2423
2025-08-18 09:38:47 -07:00
"termcolor",
]
fix: trim MCP tool names to fit into tool name length limit (#1571) Store fully qualified names along with tool entries so we don't have to re-parse them. Fixes: https://github.com/openai/codex/issues/1289
2025-07-17 11:35:38 -07:00
[[package]]
name = "typenum"
version = "1.18.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1dccffe3ce07af9386bfd29e80c0ab1a8205a2fc34e4bcd40364df902cfa8f3f"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "uds_windows"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "89daebc3e6fd160ac4aa9fc8b3bf71e1f74fbf92367ae71fb83a037e8bf164b9"
dependencies = [
"memoffset 0.9.1",
"tempfile",
"winapi",
]
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
[[package]]
name = "uname"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b72f89f0ca32e4db1c04e2a72f5345d59796d4866a1ee0609084569f73683dc8"
dependencies = [
"libc",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "unicase"
version = "2.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "75b844d17643ee918803943289730bec8aac480150456169e647ed0b576ba539"
[[package]]
name = "unicode-ident"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "1.0.18"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "5a5f39404a5da50712a4c1eecf25e90dd62b613502b7e925fd4e4d19b5c96512"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
custom textarea (#1794) This replaces tui-textarea with a custom textarea component. Key differences: 1. wrapped lines 2. better unicode handling 3. uses the native terminal cursor This should perhaps be spun out into its own separate crate at some point, but for now it's convenient to have it in-tree.
2025-08-03 11:31:35 -07:00
[[package]]
name = "unicode-linebreak"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3b09c83c3c29d37506a3e260c08c03743a6bb66a9cd432c6934ab501a190571f"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "unicode-segmentation"
version = "1.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f6ccf251212114b54433ec949fd6a7841275f9ada20dddd2f29e9ceea4501493"
[[package]]
name = "unicode-truncate"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b3644627a5af5fa321c95b9b235a72fd24cd29c648c2c379431e6628655627bf"
dependencies = [
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"itertools 0.13.0",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"unicode-segmentation",
"unicode-width 0.1.14",
]
[[package]]
name = "unicode-width"
version = "0.1.14"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7dd6e30e90baa6f72411720665d41d89b9a3d039dc45b8faea1ddd07f617f6af"
[[package]]
name = "unicode-width"
Stream model responses (#1810) Stream models thoughts and responses instead of waiting for the whole thing to come through. Very rough right now, but I'm making the risk call to push through.
2025-08-04 21:23:22 -07:00
version = "0.2.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
Stream model responses (#1810) Stream models thoughts and responses instead of waiting for the whole thing to come through. Very rough right now, but I'm making the risk call to push through.
2025-08-04 21:23:22 -07:00
checksum = "4a1a07cc7db3810833284e8d372ccdc6da29741639ecc70c9ec107df0fa6154c"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "unicode-xid"
version = "0.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853"
feat: experimental support for skills.md (#7412) This change prototypes support for Skills with the CLI. This is an **experimental** feature for internal testing. --------- Co-authored-by: Gav Verma <gverma@openai.com>
2025-12-01 20:22:35 -08:00
[[package]]
name = "unsafe-libyaml"
version = "0.2.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "673aac59facbab8a9007c7f6108d11f63b603f7cabff99fabf650fea5c32b861"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "untrusted"
version = "0.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
[[package]]
name = "ureq"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
version = "3.1.4"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
checksum = "d39cb1dbab692d82a977c0392ffac19e188bd9186a9f32806f0aaa859d75585a"
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
dependencies = [
"base64",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"der",
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
"log",
"native-tls",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"percent-encoding",
"rustls-pki-types",
"ureq-proto",
"utf-8",
"webpki-root-certs",
]
[[package]]
name = "ureq-proto"
version = "0.5.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d81f9efa9df032be5934a46a068815a10a042b494b6a58cb0a1a97bb5467ed6f"
dependencies = [
"base64",
"http 1.3.1",
"httparse",
"log",
Add log upload support (#5257)
2025-10-16 21:03:23 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "url"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "2.5.4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "32f8b686cadd1473f4bd0117a5d28d36b1ade384ea9b5069a1c40aefed7fda60"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"form_urlencoded",
"idna",
"percent-encoding",
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
"serde",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "urlencoding"
version = "2.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da"
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
[[package]]
name = "utf-8"
version = "0.7.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "09cc8ee72d2a9becf2f2febe0205bbed8fc6615b7cb429ad062dc7b7ddd036a9"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "utf8_iter"
version = "1.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b6c140620e7ffbb22c2dee59cafe6084a59b5ffc27a8859a5f0d494b5d52b6be"
[[package]]
name = "utf8parse"
version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "06abde3611657adf66d383f00b093d7faecc7fa57071cce2578660c9f1010821"
feat: save session transcripts when using Rust CLI (#845) This adds support for saving transcripts when using the Rust CLI. Like the TypeScript CLI, it saves the transcript to `~/.codex/sessions`, though it uses JSONL for the file format (and `.jsonl` for the file extension) so that even if Codex crashes, what was written to the `.jsonl` file should generally still be valid JSONL content.
2025-05-07 13:49:15 -07:00
[[package]]
name = "uuid"
chore(deps): bump uuid from 1.17.0 to 1.18.0 in /codex-rs (#2493) Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.17.0 to 1.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/uuid-rs/uuid/releases">uuid's releases</a>.</em></p> <blockquote> <h2>v1.18.0</h2> <h2>What's Changed</h2> <ul> <li>Fix up mismatched_lifetime_syntaxes lint by <a href="https://github.com/KodrAus"><code>@​KodrAus</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/837">uuid-rs/uuid#837</a></li> <li>Conversions between <code>Timestamp</code> and <code>std::time::SystemTime</code> by <a href="https://github.com/dcormier"><code>@​dcormier</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/835">uuid-rs/uuid#835</a></li> <li>Wrap the error type used in time conversions by <a href="https://github.com/KodrAus"><code>@​KodrAus</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/838">uuid-rs/uuid#838</a></li> <li>Prepare for 1.18.0 release by <a href="https://github.com/KodrAus"><code>@​KodrAus</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/839">uuid-rs/uuid#839</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dcormier"><code>@​dcormier</code></a> made their first contribution in <a href="https://redirect.github.com/uuid-rs/uuid/pull/835">uuid-rs/uuid#835</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/uuid-rs/uuid/compare/v1.17.0...v1.18.0">https://github.com/uuid-rs/uuid/compare/v1.17.0...v1.18.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/uuid-rs/uuid/commit/60a49eb94fe1b4901d484de52dc305c7c21a2f85"><code>60a49eb</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/839">#839</a> from uuid-rs/cargo/v1.18.0</li> <li><a href="https://github.com/uuid-rs/uuid/commit/eb8c6970837cb02af04dfeac68a89453f84f890f"><code>eb8c697</code></a> prepare for 1.18.0 release</li> <li><a href="https://github.com/uuid-rs/uuid/commit/281f26fcd93c3b1eeeae8f4f05e89d9caebb5874"><code>281f26f</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/838">#838</a> from uuid-rs/chore/time-conversion</li> <li><a href="https://github.com/uuid-rs/uuid/commit/2d67ab2b5e261a68fb65a5bee50604516537307b"><code>2d67ab2</code></a> don't use allocated values in errors</li> <li><a href="https://github.com/uuid-rs/uuid/commit/c284ed562fdbe12cdeb6ca20e47e80f40cd21a68"><code>c284ed5</code></a> wrap the error type used in time conversions</li> <li><a href="https://github.com/uuid-rs/uuid/commit/87a4359f256c1426829bd21f66ca4327a9c5859c"><code>87a4359</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/835">#835</a> from dcormier/main</li> <li><a href="https://github.com/uuid-rs/uuid/commit/89273966259a90bf28abf17d934c9a8eede73a33"><code>8927396</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/837">#837</a> from uuid-rs/fix/lifetime-syntaxes</li> <li><a href="https://github.com/uuid-rs/uuid/commit/6dfb4b135cf91d2493e6b9aa23079cad41bde506"><code>6dfb4b1</code></a> Conversions between <code>Timestamp</code> and <code>std::time::SystemTime</code></li> <li><a href="https://github.com/uuid-rs/uuid/commit/b508383aff74d28e3a97dfd3a45b7a7ab86a4b2e"><code>b508383</code></a> fix up mismatched_lifetime_syntaxes lint</li> <li>See full diff in <a href="https://github.com/uuid-rs/uuid/compare/v1.17.0...v1.18.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uuid&package-manager=cargo&previous-version=1.17.0&new-version=1.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-04 16:30:34 -07:00
version = "1.18.1"
feat: save session transcripts when using Rust CLI (#845) This adds support for saving transcripts when using the Rust CLI. Like the TypeScript CLI, it saves the transcript to `~/.codex/sessions`, though it uses JSONL for the file format (and `.jsonl` for the file extension) so that even if Codex crashes, what was written to the `.jsonl` file should generally still be valid JSONL content.
2025-05-07 13:49:15 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump uuid from 1.17.0 to 1.18.0 in /codex-rs (#2493) Bumps [uuid](https://github.com/uuid-rs/uuid) from 1.17.0 to 1.18.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/uuid-rs/uuid/releases">uuid's releases</a>.</em></p> <blockquote> <h2>v1.18.0</h2> <h2>What's Changed</h2> <ul> <li>Fix up mismatched_lifetime_syntaxes lint by <a href="https://github.com/KodrAus"><code>@​KodrAus</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/837">uuid-rs/uuid#837</a></li> <li>Conversions between <code>Timestamp</code> and <code>std::time::SystemTime</code> by <a href="https://github.com/dcormier"><code>@​dcormier</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/835">uuid-rs/uuid#835</a></li> <li>Wrap the error type used in time conversions by <a href="https://github.com/KodrAus"><code>@​KodrAus</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/838">uuid-rs/uuid#838</a></li> <li>Prepare for 1.18.0 release by <a href="https://github.com/KodrAus"><code>@​KodrAus</code></a> in <a href="https://redirect.github.com/uuid-rs/uuid/pull/839">uuid-rs/uuid#839</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dcormier"><code>@​dcormier</code></a> made their first contribution in <a href="https://redirect.github.com/uuid-rs/uuid/pull/835">uuid-rs/uuid#835</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/uuid-rs/uuid/compare/v1.17.0...v1.18.0">https://github.com/uuid-rs/uuid/compare/v1.17.0...v1.18.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/uuid-rs/uuid/commit/60a49eb94fe1b4901d484de52dc305c7c21a2f85"><code>60a49eb</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/839">#839</a> from uuid-rs/cargo/v1.18.0</li> <li><a href="https://github.com/uuid-rs/uuid/commit/eb8c6970837cb02af04dfeac68a89453f84f890f"><code>eb8c697</code></a> prepare for 1.18.0 release</li> <li><a href="https://github.com/uuid-rs/uuid/commit/281f26fcd93c3b1eeeae8f4f05e89d9caebb5874"><code>281f26f</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/838">#838</a> from uuid-rs/chore/time-conversion</li> <li><a href="https://github.com/uuid-rs/uuid/commit/2d67ab2b5e261a68fb65a5bee50604516537307b"><code>2d67ab2</code></a> don't use allocated values in errors</li> <li><a href="https://github.com/uuid-rs/uuid/commit/c284ed562fdbe12cdeb6ca20e47e80f40cd21a68"><code>c284ed5</code></a> wrap the error type used in time conversions</li> <li><a href="https://github.com/uuid-rs/uuid/commit/87a4359f256c1426829bd21f66ca4327a9c5859c"><code>87a4359</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/835">#835</a> from dcormier/main</li> <li><a href="https://github.com/uuid-rs/uuid/commit/89273966259a90bf28abf17d934c9a8eede73a33"><code>8927396</code></a> Merge pull request <a href="https://redirect.github.com/uuid-rs/uuid/issues/837">#837</a> from uuid-rs/fix/lifetime-syntaxes</li> <li><a href="https://github.com/uuid-rs/uuid/commit/6dfb4b135cf91d2493e6b9aa23079cad41bde506"><code>6dfb4b1</code></a> Conversions between <code>Timestamp</code> and <code>std::time::SystemTime</code></li> <li><a href="https://github.com/uuid-rs/uuid/commit/b508383aff74d28e3a97dfd3a45b7a7ab86a4b2e"><code>b508383</code></a> fix up mismatched_lifetime_syntaxes lint</li> <li>See full diff in <a href="https://github.com/uuid-rs/uuid/compare/v1.17.0...v1.18.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=uuid&package-manager=cargo&previous-version=1.17.0&new-version=1.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-04 16:30:34 -07:00
checksum = "2f87b8aa10b915a06587d0dec516c282ff295b475d94abf425d62b57710070a2"
feat: save session transcripts when using Rust CLI (#845) This adds support for saving transcripts when using the Rust CLI. Like the TypeScript CLI, it saves the transcript to `~/.codex/sessions`, though it uses JSONL for the file format (and `.jsonl` for the file extension) so that even if Codex crashes, what was written to the `.jsonl` file should generally still be valid JSONL content.
2025-05-07 13:49:15 -07:00
dependencies = [
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"getrandom 0.3.3",
"js-sys",
fix: tighten up some logic around session timestamps and ids (#922) * update `SessionConfigured` event to include the UUID for the session * show the UUID in the Rust TUI * use local timestamps in log files instead of UTC * include timestamps in log file names for easier discovery
2025-05-13 19:22:16 -07:00
"serde",
feat: compactor 2 (#6027) Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-10-31 22:27:08 +01:00
"sha1_smol",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"wasm-bindgen",
feat: save session transcripts when using Rust CLI (#845) This adds support for saving transcripts when using the Rust CLI. Like the TypeScript CLI, it saves the transcript to `~/.codex/sessions`, though it uses JSONL for the file format (and `.jsonl` for the file extension) so that even if Codex crashes, what was written to the `.jsonl` file should generally still be valid JSONL content.
2025-05-07 13:49:15 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "valuable"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba73ea9cf16a25df0c8caa16c51acb937d5712a8429db78a3ee29d5dcacd3a65"
[[package]]
name = "vcpkg"
version = "0.2.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "version_check"
version = "0.9.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a"
Stream model responses (#1810) Stream models thoughts and responses instead of waiting for the whole thing to come through. Very rough right now, but I'm making the risk call to push through.
2025-08-04 21:23:22 -07:00
[[package]]
name = "vt100"
version = "0.16.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "054ff75fb8fa83e609e685106df4faeffdf3a735d3c74ebce97ec557d5d36fd9"
dependencies = [
"itoa",
"unicode-width 0.2.1",
"vte",
]
[[package]]
name = "vte"
version = "0.15.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a5924018406ce0063cd67f8e008104968b74b563ee1b85dde3ed1f7cb87d3dbd"
dependencies = [
"arrayvec",
"memchr",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "wait-timeout"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "09ac3b126d3914f9849036f826e054cbabdc8519970b8998ddaf3b5bd3c65f11"
dependencies = [
"libc",
]
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
[[package]]
name = "walkdir"
version = "2.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "29790946404f91d9c5d06f9874efddea1dc06c5efe94541a7d6863108e3a5e4b"
dependencies = [
"same-file",
"winapi-util",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "want"
version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bfa7760aed19e106de2c7c0b581b509f2f25d3dacaf737cb82ac61bc6d760b0e"
dependencies = [
"try-lock",
]
[[package]]
name = "wasi"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.11.1+wasi-snapshot-preview1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "ccf3ec651a847eb01de73ccad15eb7d99f80485de043efb2f370cd654f4ea44b"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "wasi"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.14.2+wasi-0.2.4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "9683f9a5a998d873c0d21fcbe3c083009670149a8fab228644b8bd36b2c48cb3"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"wit-bindgen-rt",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "wasm-bindgen"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.2.100"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "1edc8929d7499fc4e8f0be2262a241556cfc54a0bea223790e71446f2aab1ef5"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"cfg-if",
"once_cell",
"rustversion",
"wasm-bindgen-macro",
]
[[package]]
name = "wasm-bindgen-backend"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.2.100"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "2f0a0651a5c2bc21487bde11ee802ccaf4c51935d0d3d42a6101f98161700bc6"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"bumpalo",
"log",
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"wasm-bindgen-shared",
]
[[package]]
name = "wasm-bindgen-futures"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.4.50"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "555d470ec0bc3bb57890405e5d4322cc9ea83cebb085523ced7be4144dac1e61"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"cfg-if",
"js-sys",
"once_cell",
"wasm-bindgen",
"web-sys",
]
[[package]]
name = "wasm-bindgen-macro"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.2.100"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "7fe63fc6d09ed3792bd0897b314f53de8e16568c2b3f7982f468c0bf9bd0b407"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"quote",
"wasm-bindgen-macro-support",
]
[[package]]
name = "wasm-bindgen-macro-support"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.2.100"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "8ae87ea40c9f689fc23f209965b6fb8a99ad69aeeb0231408be24920604395de"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"wasm-bindgen-backend",
"wasm-bindgen-shared",
]
[[package]]
name = "wasm-bindgen-shared"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.2.100"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "1a05d73b933a847d6cccdda8f838a22ff101ad9bf93e33684f39c1f5f0eece3d"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"unicode-ident",
]
[[package]]
name = "wasm-streams"
version = "0.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "15053d8d85c7eccdbefef60f06769760a563c7f0a9d6902a13d35c7800b0ad65"
dependencies = [
"futures-util",
"js-sys",
"wasm-bindgen",
"wasm-bindgen-futures",
"web-sys",
]
Fix wayland image paste error (#4824) ## Summary - log and surface clipboard failures instead of silently ignoring them when `Ctrl+V` pastes an image (`paste_image_to_temp_png()` now feeds an error history cell) - enable `arboard`’s `wayland-data-control` feature so native Wayland sessions can deliver image data without XWayland - keep the success path unchanged: valid images still attach and show the `[image …]` placeholder as before Fixes #4818 --------- Co-authored-by: Eric Traut <etraut@openai.com> Co-authored-by: Jeremy Rose <172423086+nornagon-openai@users.noreply.github.com>
2025-11-10 19:35:30 -03:00
[[package]]
name = "wayland-backend"
version = "0.3.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "673a33c33048a5ade91a6b139580fa174e19fb0d23f396dca9fa15f2e1e49b35"
dependencies = [
"cc",
"downcast-rs",
"rustix 1.0.8",
"smallvec",
"wayland-sys",
]
[[package]]
name = "wayland-client"
version = "0.31.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c66a47e840dc20793f2264eb4b3e4ecb4b75d91c0dd4af04b456128e0bdd449d"
dependencies = [
Add unified exec escalation handling and tests (#6492) Similar implementation to the shell tool
2025-11-11 08:19:35 -08:00
"bitflags 2.10.0",
Fix wayland image paste error (#4824) ## Summary - log and surface clipboard failures instead of silently ignoring them when `Ctrl+V` pastes an image (`paste_image_to_temp_png()` now feeds an error history cell) - enable `arboard`’s `wayland-data-control` feature so native Wayland sessions can deliver image data without XWayland - keep the success path unchanged: valid images still attach and show the `[image …]` placeholder as before Fixes #4818 --------- Co-authored-by: Eric Traut <etraut@openai.com> Co-authored-by: Jeremy Rose <172423086+nornagon-openai@users.noreply.github.com>
2025-11-10 19:35:30 -03:00
"rustix 1.0.8",
"wayland-backend",
"wayland-scanner",
]
[[package]]
name = "wayland-protocols"
version = "0.32.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "efa790ed75fbfd71283bd2521a1cfdc022aabcc28bdcff00851f9e4ae88d9901"
dependencies = [
Add unified exec escalation handling and tests (#6492) Similar implementation to the shell tool
2025-11-11 08:19:35 -08:00
"bitflags 2.10.0",
Fix wayland image paste error (#4824) ## Summary - log and surface clipboard failures instead of silently ignoring them when `Ctrl+V` pastes an image (`paste_image_to_temp_png()` now feeds an error history cell) - enable `arboard`’s `wayland-data-control` feature so native Wayland sessions can deliver image data without XWayland - keep the success path unchanged: valid images still attach and show the `[image …]` placeholder as before Fixes #4818 --------- Co-authored-by: Eric Traut <etraut@openai.com> Co-authored-by: Jeremy Rose <172423086+nornagon-openai@users.noreply.github.com>
2025-11-10 19:35:30 -03:00
"wayland-backend",
"wayland-client",
"wayland-scanner",
]
[[package]]
name = "wayland-protocols-wlr"
version = "0.3.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "efd94963ed43cf9938a090ca4f7da58eb55325ec8200c3848963e98dc25b78ec"
dependencies = [
Add unified exec escalation handling and tests (#6492) Similar implementation to the shell tool
2025-11-11 08:19:35 -08:00
"bitflags 2.10.0",
Fix wayland image paste error (#4824) ## Summary - log and surface clipboard failures instead of silently ignoring them when `Ctrl+V` pastes an image (`paste_image_to_temp_png()` now feeds an error history cell) - enable `arboard`’s `wayland-data-control` feature so native Wayland sessions can deliver image data without XWayland - keep the success path unchanged: valid images still attach and show the `[image …]` placeholder as before Fixes #4818 --------- Co-authored-by: Eric Traut <etraut@openai.com> Co-authored-by: Jeremy Rose <172423086+nornagon-openai@users.noreply.github.com>
2025-11-10 19:35:30 -03:00
"wayland-backend",
"wayland-client",
"wayland-protocols",
"wayland-scanner",
]
[[package]]
name = "wayland-scanner"
version = "0.31.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "54cb1e9dc49da91950bdfd8b848c49330536d9d1fb03d4bfec8cae50caa50ae3"
dependencies = [
"proc-macro2",
"quick-xml 0.37.5",
"quote",
]
[[package]]
name = "wayland-sys"
version = "0.31.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34949b42822155826b41db8e5d0c1be3a2bd296c747577a43a3e6daefc296142"
dependencies = [
"pkg-config",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "web-sys"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.3.77"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "33b6dd2ef9186f1f2072e409e99cd22a975331a6b3591b12c764e0e55c60d5d2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"js-sys",
"wasm-bindgen",
]
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
[[package]]
name = "web-time"
version = "1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5a6580f308b1fad9207618087a65c04e7a10bc77e02c8e84e9b00dd4b12fa0bb"
dependencies = [
"js-sys",
"wasm-bindgen",
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "webbrowser"
chore(deps): bump webbrowser from 1.0.5 to 1.0.6 in /codex-rs (#7225) Bumps [webbrowser](https://github.com/amodm/webbrowser-rs) from 1.0.5 to 1.0.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/amodm/webbrowser-rs/releases">webbrowser's releases</a>.</em></p> <blockquote> <h2>v1.0.6</h2> <h3>Fixed</h3> <ul> <li>Windows: fix browser opening when unicode characters exist in path. See PR <a href="https://redirect.github.com/amodm/webbrowser-rs/issues/108">#108</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/amodm/webbrowser-rs/blob/main/CHANGELOG.md">webbrowser's changelog</a>.</em></p> <blockquote> <h2>[1.0.6] - 2025-10-15 <!-- raw HTML omitted --><!-- raw HTML omitted --></h2> <h3>Fixed</h3> <ul> <li>Windows: fix browser opening when unicode characters exist in path. See PR <a href="https://redirect.github.com/amodm/webbrowser-rs/issues/108">#108</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/amodm/webbrowser-rs/commit/659622914af8da27f4619fdcd704fcd616245a76"><code>6596229</code></a> Release v1.0.6 [skip ci]</li> <li><a href="https://github.com/amodm/webbrowser-rs/commit/44908ca5f33984b1a7d12408e799e3721b246d36"><code>44908ca</code></a> ios: fix lint for objc2 invocation #build-ios</li> <li><a href="https://github.com/amodm/webbrowser-rs/commit/b76a217a0749b9bae01f4411caa729892453984f"><code>b76a217</code></a> Merge branch 'Nodeigi-fix/107'</li> <li><a href="https://github.com/amodm/webbrowser-rs/commit/ee2b1cdf2ebe4d2ed135728d0be9c03def0686a2"><code>ee2b1cd</code></a> fix opening a browser that is located in a path that contains unicode characters</li> <li><a href="https://github.com/amodm/webbrowser-rs/commit/061e65e6b8139701f3783c1a68e9528e7d940fb8"><code>061e65e</code></a> ios: fix lints</li> <li><a href="https://github.com/amodm/webbrowser-rs/commit/85dd4a37fcfb30dc34ad8bcdea0d7cd3efd15f68"><code>85dd4a3</code></a> macos: fix lints</li> <li>See full diff in <a href="https://github.com/amodm/webbrowser-rs/compare/v1.0.5...v1.0.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=webbrowser&package-manager=cargo&previous-version=1.0.5&new-version=1.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-24 12:03:10 -08:00
version = "1.0.6"
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump webbrowser from 1.0.5 to 1.0.6 in /codex-rs (#7225) Bumps [webbrowser](https://github.com/amodm/webbrowser-rs) from 1.0.5 to 1.0.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/amodm/webbrowser-rs/releases">webbrowser's releases</a>.</em></p> <blockquote> <h2>v1.0.6</h2> <h3>Fixed</h3> <ul> <li>Windows: fix browser opening when unicode characters exist in path. See PR <a href="https://redirect.github.com/amodm/webbrowser-rs/issues/108">#108</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/amodm/webbrowser-rs/blob/main/CHANGELOG.md">webbrowser's changelog</a>.</em></p> <blockquote> <h2>[1.0.6] - 2025-10-15 <!-- raw HTML omitted --><!-- raw HTML omitted --></h2> <h3>Fixed</h3> <ul> <li>Windows: fix browser opening when unicode characters exist in path. See PR <a href="https://redirect.github.com/amodm/webbrowser-rs/issues/108">#108</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/amodm/webbrowser-rs/commit/659622914af8da27f4619fdcd704fcd616245a76"><code>6596229</code></a> Release v1.0.6 [skip ci]</li> <li><a href="https://github.com/amodm/webbrowser-rs/commit/44908ca5f33984b1a7d12408e799e3721b246d36"><code>44908ca</code></a> ios: fix lint for objc2 invocation #build-ios</li> <li><a href="https://github.com/amodm/webbrowser-rs/commit/b76a217a0749b9bae01f4411caa729892453984f"><code>b76a217</code></a> Merge branch 'Nodeigi-fix/107'</li> <li><a href="https://github.com/amodm/webbrowser-rs/commit/ee2b1cdf2ebe4d2ed135728d0be9c03def0686a2"><code>ee2b1cd</code></a> fix opening a browser that is located in a path that contains unicode characters</li> <li><a href="https://github.com/amodm/webbrowser-rs/commit/061e65e6b8139701f3783c1a68e9528e7d940fb8"><code>061e65e</code></a> ios: fix lints</li> <li><a href="https://github.com/amodm/webbrowser-rs/commit/85dd4a37fcfb30dc34ad8bcdea0d7cd3efd15f68"><code>85dd4a3</code></a> macos: fix lints</li> <li>See full diff in <a href="https://github.com/amodm/webbrowser-rs/compare/v1.0.5...v1.0.6">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=webbrowser&package-manager=cargo&previous-version=1.0.5&new-version=1.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Eric Traut <etraut@openai.com>
2025-11-24 12:03:10 -08:00
checksum = "00f1243ef785213e3a32fa0396093424a3a6ea566f9948497e5a2309261a4c97"
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
dependencies = [
"core-foundation 0.10.1",
"jni",
"log",
"ndk-context",
"objc2",
"objc2-foundation",
"url",
"web-sys",
]
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
[[package]]
name = "webpki-root-certs"
version = "1.0.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ee3e3b5f5e80bc89f30ce8d0343bf4e5f12341c51f3e26cbeecbc7c85443e85b"
dependencies = [
"rustls-pki-types",
]
feat: introduce responses-api-proxy (#4246) Details are in `responses-api-proxy/README.md`, but the key contribution of this PR is a new subcommand, `codex responses-api-proxy`, which reads the auth token for use with the OpenAI Responses API from `stdin` at startup and then proxies `POST` requests to `/v1/responses` over to `https://api.openai.com/v1/responses`, injecting the auth token as part of the `Authorization` header. The expectation is that `codex responses-api-proxy` is launched by a privileged user who has access to the auth token so that it can be used by unprivileged users of the Codex CLI on the same host. If the client only has one user account with `sudo`, one option is to: - run `sudo codex responses-api-proxy --http-shutdown --server-info /tmp/server-info.json` to start the server - record the port written to `/tmp/server-info.json` - relinquish their `sudo` privileges (which is irreversible!) like so: ``` sudo deluser $USER sudo || sudo gpasswd -d $USER sudo || true ``` - use `codex` with the proxy (see `README.md`) - when done, make a `GET` request to the server using the `PORT` from `server-info.json` to shut it down: ```shell curl --fail --silent --show-error "http://127.0.0.1:$PORT/shutdown" ``` To protect the auth token, we: - allocate a 1024 byte buffer on the stack and write `"Bearer "` into it to start - we then read from `stdin`, copying to the contents into the buffer after the prefix - after verifying the input looks good, we create a `String` from that buffer (so the data is now on the heap) - we zero out the stack-allocated buffer using https://crates.io/crates/zeroize so it is not optimized away by the compiler - we invoke `.leak()` on the `String` so we can treat its contents as a `&'static str`, as it will live for the rest of the processs - on UNIX, we `mlock(2)` the memory backing the `&'static str` - when using the `&'static str` when building an HTTP request, we use `HeaderValue::from_static()` to avoid copying the `&str` - we also invoke `.set_sensitive(true)` on the `HeaderValue`, which in theory indicates to other parts of the HTTP stack that the header should be treated with "special care" to avoid leakage: https://github.com/hyperium/http/blob/439d1c50d71e3be3204b6c4a1bf2255ed78e1f93/src/header/value.rs#L346-L376
2025-09-26 08:19:00 -07:00
[[package]]
name = "webpki-roots"
version = "1.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7e8983c3ab33d6fb807cfcdad2491c4ea8cbc8ed839181c7dfd9c67c83e261b2"
dependencies = [
"rustls-pki-types",
]
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "weezl"
version = "0.1.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a751b3277700db47d3e574514de2eced5e54dc8a5436a3bf7a0b248b2cee16f3"
Bridge command generation to powershell when on Windows (#2319) ## What? Why? How? - When running on Windows, codex often tries to invoke bash commands, which commonly fail (unless WSL is installed) - Fix: Detect if powershell is available and, if so, route commands to it - Also add a shell_name property to environmental context for codex to default to powershell commands when running in that environment ## Testing - Tested within WSL and powershell (e.g. get top 5 largest files within a folder and validated that commands generated were powershell commands) - Tested within Zsh - Updated unit tests --------- Co-authored-by: Eddy Escardo <eddy@openai.com>
2025-08-20 16:30:34 -07:00
[[package]]
name = "which"
version = "6.0.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b4ee928febd44d98f2f459a4a79bd4d928591333a494a10a868418ac1b39cf1f"
dependencies = [
"either",
"home",
"rustix 0.38.44",
"winsafe",
]
feat: introduce support for shell_environment_policy in config.toml (#1061) To date, when handling `shell` and `local_shell` tool calls, we were spawning new processes using the environment inherited from the Codex process itself. This means that the sensitive `OPENAI_API_KEY` that Codex needs to talk to OpenAI models was made available to everything run by `shell` and `local_shell`. While there are cases where that might be useful, it does not seem like a good default. This PR introduces a complex `shell_environment_policy` config option to control the `env` used with these tool calls. It is inevitably a bit complex so that it is possible to override individual components of the policy so without having to restate the entire thing. Details are in the updated `README.md` in this PR, but here is the relevant bit that explains the individual fields of `shell_environment_policy`: | Field | Type | Default | Description | | ------------------------- | -------------------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | | `inherit` | string | `core` | Starting template for the environment:<br>`core` (`HOME`, `PATH`, `USER`, …), `all` (clone full parent env), or `none` (start empty). | | `ignore_default_excludes` | boolean | `false` | When `false`, Codex removes any var whose **name** contains `KEY`, `SECRET`, or `TOKEN` (case-insensitive) before other rules run. | | `exclude` | array&lt;string&gt; | `[]` | Case-insensitive glob patterns to drop after the default filter.<br>Examples: `"AWS_*"`, `"AZURE_*"`. | | `set` | table&lt;string,string&gt; | `{}` | Explicit key/value overrides or additions – always win over inherited values. | | `include_only` | array&lt;string&gt; | `[]` | If non-empty, a whitelist of patterns; only variables that match _one_ pattern survive the final step. (Generally used with `inherit = "all"`.) | In particular, note that the default is `inherit = "core"`, so: * if you have extra env variables that you want to inherit from the parent process, use `inherit = "all"` and then specify `include_only` * if you have extra env variables where you want to hardcode the values, the default `inherit = "core"` will work fine, but then you need to specify `set` This configuration is not battle-tested, so we will probably still have to play with it a bit. `core/src/exec_env.rs` has the critical business logic as well as unit tests. Though if nothing else, previous to this change: ``` $ cargo run --bin codex -- debug seatbelt -- printenv OPENAI_API_KEY # ...prints OPENAI_API_KEY... ``` But after this change it does not print anything (as desired). One final thing to call out about this PR is that the `configure_command!` macro we use in `core/src/exec.rs` has to do some complex logic with respect to how it builds up the `env` for the process being spawned under Landlock/seccomp. Specifically, doing `cmd.env_clear()` followed by `cmd.envs(&$env_map)` (which is arguably the most intuitive way to do it) caused the Landlock unit tests to fail because the processes spawned by the unit tests started failing in unexpected ways! If we forgo `env_clear()` in favor of updating env vars one at a time, the tests still pass. The comment in the code talks about this a bit, and while I would like to investigate this more, I need to move on for the moment, but I do plan to come back to it to fully understand what is going on. For example, this suggests that we might not be able to spawn a C program that calls `env_clear()`, which would be...weird. We may still have to fiddle with our Landlock config if that is the case.
2025-05-22 09:51:19 -07:00
[[package]]
name = "wildmatch"
chore(deps): bump wildmatch from 2.5.0 to 2.6.1 in /codex-rs (#7716) Bumps [wildmatch](https://github.com/becheran/wildmatch) from 2.5.0 to 2.6.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/becheran/wildmatch/commit/ca6568be7e9cf5b4487bae0ca5c8068bf27e6c38"><code>ca6568b</code></a> chore: Release wildmatch version 2.6.1</li> <li><a href="https://github.com/becheran/wildmatch/commit/513c5ab967630e5fdef63adea1a88ad4290ace23"><code>513c5ab</code></a> docs: fix broken links</li> <li><a href="https://github.com/becheran/wildmatch/commit/fe47b5f750bedc85888bb924cba2c0dbbb31ce32"><code>fe47b5f</code></a> chore: use latest mlc version</li> <li><a href="https://github.com/becheran/wildmatch/commit/4d05f9f3d13b75da57a262ee869cf77855965d42"><code>4d05f9f</code></a> Merge pull request <a href="https://redirect.github.com/becheran/wildmatch/issues/30">#30</a> from arifd/patch-1</li> <li><a href="https://github.com/becheran/wildmatch/commit/26114f73de01ec642b3cae406d077439e502f6bd"><code>26114f7</code></a> unify example pattern used in WildMatchPattern examples</li> <li><a href="https://github.com/becheran/wildmatch/commit/32c36f5113bc7a661edf0af139a6ccd056bad8cf"><code>32c36f5</code></a> chore: Release wildmatch version 2.6.0</li> <li><a href="https://github.com/becheran/wildmatch/commit/4777964a652c12716f251da5e203c47744696bd9"><code>4777964</code></a> Merge pull request <a href="https://redirect.github.com/becheran/wildmatch/issues/29">#29</a> from arifd/prevent-ambiguous-same-single-multi-wildcard</li> <li><a href="https://github.com/becheran/wildmatch/commit/3a5bf1b4f6ed7527c32e7bf549539c6b62161da4"><code>3a5bf1b</code></a> prevent ambiguous same single multi wildcard</li> <li>See full diff in <a href="https://github.com/becheran/wildmatch/compare/v2.5.0...v2.6.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=wildmatch&package-manager=cargo&previous-version=2.5.0&new-version=2.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-08 17:13:51 +00:00
version = "2.6.1"
feat: introduce support for shell_environment_policy in config.toml (#1061) To date, when handling `shell` and `local_shell` tool calls, we were spawning new processes using the environment inherited from the Codex process itself. This means that the sensitive `OPENAI_API_KEY` that Codex needs to talk to OpenAI models was made available to everything run by `shell` and `local_shell`. While there are cases where that might be useful, it does not seem like a good default. This PR introduces a complex `shell_environment_policy` config option to control the `env` used with these tool calls. It is inevitably a bit complex so that it is possible to override individual components of the policy so without having to restate the entire thing. Details are in the updated `README.md` in this PR, but here is the relevant bit that explains the individual fields of `shell_environment_policy`: | Field | Type | Default | Description | | ------------------------- | -------------------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | | `inherit` | string | `core` | Starting template for the environment:<br>`core` (`HOME`, `PATH`, `USER`, …), `all` (clone full parent env), or `none` (start empty). | | `ignore_default_excludes` | boolean | `false` | When `false`, Codex removes any var whose **name** contains `KEY`, `SECRET`, or `TOKEN` (case-insensitive) before other rules run. | | `exclude` | array&lt;string&gt; | `[]` | Case-insensitive glob patterns to drop after the default filter.<br>Examples: `"AWS_*"`, `"AZURE_*"`. | | `set` | table&lt;string,string&gt; | `{}` | Explicit key/value overrides or additions – always win over inherited values. | | `include_only` | array&lt;string&gt; | `[]` | If non-empty, a whitelist of patterns; only variables that match _one_ pattern survive the final step. (Generally used with `inherit = "all"`.) | In particular, note that the default is `inherit = "core"`, so: * if you have extra env variables that you want to inherit from the parent process, use `inherit = "all"` and then specify `include_only` * if you have extra env variables where you want to hardcode the values, the default `inherit = "core"` will work fine, but then you need to specify `set` This configuration is not battle-tested, so we will probably still have to play with it a bit. `core/src/exec_env.rs` has the critical business logic as well as unit tests. Though if nothing else, previous to this change: ``` $ cargo run --bin codex -- debug seatbelt -- printenv OPENAI_API_KEY # ...prints OPENAI_API_KEY... ``` But after this change it does not print anything (as desired). One final thing to call out about this PR is that the `configure_command!` macro we use in `core/src/exec.rs` has to do some complex logic with respect to how it builds up the `env` for the process being spawned under Landlock/seccomp. Specifically, doing `cmd.env_clear()` followed by `cmd.envs(&$env_map)` (which is arguably the most intuitive way to do it) caused the Landlock unit tests to fail because the processes spawned by the unit tests started failing in unexpected ways! If we forgo `env_clear()` in favor of updating env vars one at a time, the tests still pass. The comment in the code talks about this a bit, and while I would like to investigate this more, I need to move on for the moment, but I do plan to come back to it to fully understand what is going on. For example, this suggests that we might not be able to spawn a C program that calls `env_clear()`, which would be...weird. We may still have to fiddle with our Landlock config if that is the case.
2025-05-22 09:51:19 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump wildmatch from 2.5.0 to 2.6.1 in /codex-rs (#7716) Bumps [wildmatch](https://github.com/becheran/wildmatch) from 2.5.0 to 2.6.1. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/becheran/wildmatch/commit/ca6568be7e9cf5b4487bae0ca5c8068bf27e6c38"><code>ca6568b</code></a> chore: Release wildmatch version 2.6.1</li> <li><a href="https://github.com/becheran/wildmatch/commit/513c5ab967630e5fdef63adea1a88ad4290ace23"><code>513c5ab</code></a> docs: fix broken links</li> <li><a href="https://github.com/becheran/wildmatch/commit/fe47b5f750bedc85888bb924cba2c0dbbb31ce32"><code>fe47b5f</code></a> chore: use latest mlc version</li> <li><a href="https://github.com/becheran/wildmatch/commit/4d05f9f3d13b75da57a262ee869cf77855965d42"><code>4d05f9f</code></a> Merge pull request <a href="https://redirect.github.com/becheran/wildmatch/issues/30">#30</a> from arifd/patch-1</li> <li><a href="https://github.com/becheran/wildmatch/commit/26114f73de01ec642b3cae406d077439e502f6bd"><code>26114f7</code></a> unify example pattern used in WildMatchPattern examples</li> <li><a href="https://github.com/becheran/wildmatch/commit/32c36f5113bc7a661edf0af139a6ccd056bad8cf"><code>32c36f5</code></a> chore: Release wildmatch version 2.6.0</li> <li><a href="https://github.com/becheran/wildmatch/commit/4777964a652c12716f251da5e203c47744696bd9"><code>4777964</code></a> Merge pull request <a href="https://redirect.github.com/becheran/wildmatch/issues/29">#29</a> from arifd/prevent-ambiguous-same-single-multi-wildcard</li> <li><a href="https://github.com/becheran/wildmatch/commit/3a5bf1b4f6ed7527c32e7bf549539c6b62161da4"><code>3a5bf1b</code></a> prevent ambiguous same single multi wildcard</li> <li>See full diff in <a href="https://github.com/becheran/wildmatch/compare/v2.5.0...v2.6.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=wildmatch&package-manager=cargo&previous-version=2.5.0&new-version=2.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-08 17:13:51 +00:00
checksum = "29333c3ea1ba8b17211763463ff24ee84e41c78224c16b001cd907e663a38c68"
feat: introduce support for shell_environment_policy in config.toml (#1061) To date, when handling `shell` and `local_shell` tool calls, we were spawning new processes using the environment inherited from the Codex process itself. This means that the sensitive `OPENAI_API_KEY` that Codex needs to talk to OpenAI models was made available to everything run by `shell` and `local_shell`. While there are cases where that might be useful, it does not seem like a good default. This PR introduces a complex `shell_environment_policy` config option to control the `env` used with these tool calls. It is inevitably a bit complex so that it is possible to override individual components of the policy so without having to restate the entire thing. Details are in the updated `README.md` in this PR, but here is the relevant bit that explains the individual fields of `shell_environment_policy`: | Field | Type | Default | Description | | ------------------------- | -------------------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------- | | `inherit` | string | `core` | Starting template for the environment:<br>`core` (`HOME`, `PATH`, `USER`, …), `all` (clone full parent env), or `none` (start empty). | | `ignore_default_excludes` | boolean | `false` | When `false`, Codex removes any var whose **name** contains `KEY`, `SECRET`, or `TOKEN` (case-insensitive) before other rules run. | | `exclude` | array&lt;string&gt; | `[]` | Case-insensitive glob patterns to drop after the default filter.<br>Examples: `"AWS_*"`, `"AZURE_*"`. | | `set` | table&lt;string,string&gt; | `{}` | Explicit key/value overrides or additions – always win over inherited values. | | `include_only` | array&lt;string&gt; | `[]` | If non-empty, a whitelist of patterns; only variables that match _one_ pattern survive the final step. (Generally used with `inherit = "all"`.) | In particular, note that the default is `inherit = "core"`, so: * if you have extra env variables that you want to inherit from the parent process, use `inherit = "all"` and then specify `include_only` * if you have extra env variables where you want to hardcode the values, the default `inherit = "core"` will work fine, but then you need to specify `set` This configuration is not battle-tested, so we will probably still have to play with it a bit. `core/src/exec_env.rs` has the critical business logic as well as unit tests. Though if nothing else, previous to this change: ``` $ cargo run --bin codex -- debug seatbelt -- printenv OPENAI_API_KEY # ...prints OPENAI_API_KEY... ``` But after this change it does not print anything (as desired). One final thing to call out about this PR is that the `configure_command!` macro we use in `core/src/exec.rs` has to do some complex logic with respect to how it builds up the `env` for the process being spawned under Landlock/seccomp. Specifically, doing `cmd.env_clear()` followed by `cmd.envs(&$env_map)` (which is arguably the most intuitive way to do it) caused the Landlock unit tests to fail because the processes spawned by the unit tests started failing in unexpected ways! If we forgo `env_clear()` in favor of updating env vars one at a time, the tests still pass. The comment in the code talks about this a bit, and while I would like to investigate this more, I need to move on for the moment, but I do plan to come back to it to fully understand what is going on. For example, this suggests that we might not be able to spawn a C program that calls `env_clear()`, which would be...weird. We may still have to fiddle with our Landlock config if that is the case.
2025-05-22 09:51:19 -07:00
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "winapi"
version = "0.3.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5c839a674fcd7a98952e593242ea400abe93992746761e38641405d28b00f419"
dependencies = [
"winapi-i686-pc-windows-gnu",
"winapi-x86_64-pc-windows-gnu",
]
[[package]]
name = "winapi-i686-pc-windows-gnu"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
[[package]]
name = "winapi-util"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.1.9"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb"
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
dependencies = [
feat: add shell snapshot for shell command (#7786)
2025-12-11 13:46:43 +00:00
"windows-sys 0.59.0",
feat: introduce the use of tui-markdown (#851) This introduces the use of the `tui-markdown` crate to parse an assistant message as Markdown and style it using ANSI for a better user experience. As shown in the screenshot below, it has support for syntax highlighting for _tagged_ fenced code blocks: <img width="907" alt="image" src="https://github.com/user-attachments/assets/900dc229-80bb-46e8-b1bb-efee4c70ba3c" /> That said, `tui-markdown` is not as configurable (or stylish!) as https://www.npmjs.com/package/marked-terminal, which is what we use in the TypeScript CLI. In particular: * The styles are hardcoded and `tui_markdown::from_str()` does not take any options whatsoever. It uses "bold white" for inline code style which does not stand out as much as the yellow used by `marked-terminal`: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L464 I asked Codex to take a first pass at this and it came up with: https://github.com/joshka/tui-markdown/pull/80 * If a fenced code block is not tagged, then it does not get highlighted. I would rather add some logic here: https://github.com/joshka/tui-markdown/blob/65402cbda70325f34e7ddf6fe1ec629bcd9459cf/tui-markdown/src/lib.rs#L262 that uses something like https://pypi.org/project/guesslang/ to examine the value of `text` and try to use the appropriate syntax highlighter. * When we have a fenced code block, we do not want to show the opening and closing triple backticks in the output. To unblock ourselves, we might want to bundle our own fork of `tui-markdown` temporarily until we figure out what the shape of the API should be and then try to upstream it.
2025-05-07 10:46:32 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "winapi-x86_64-pc-windows-gnu"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f"
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
[[package]]
name = "windows"
version = "0.58.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dd04d41d93c4992d421894c18c8b43496aa748dd4c081bac0dc93eb0489272b6"
dependencies = [
"windows-core 0.58.0",
"windows-targets 0.52.6",
]
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
[[package]]
name = "windows"
version = "0.61.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9babd3a767a4c1aef6900409f85f5d53ce2544ccdfaa86dad48c91782c6d6893"
dependencies = [
"windows-collections",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"windows-core 0.61.2",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"windows-future",
"windows-link 0.1.3",
"windows-numerics",
]
[[package]]
name = "windows-collections"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3beeceb5e5cfd9eb1d76b381630e82c4241ccd0d27f1a39ed41b2760b255c5e8"
dependencies = [
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"windows-core 0.61.2",
]
[[package]]
name = "windows-core"
version = "0.58.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6ba6d44ec8c2591c134257ce647b7ea6b20335bf6379a27dac5f1641fcf59f99"
dependencies = [
"windows-implement 0.58.0",
"windows-interface 0.58.0",
"windows-result 0.2.0",
"windows-strings 0.1.0",
"windows-targets 0.52.6",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows-core"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.61.2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "c0fdd3ddb90610c7638aa2b3a3ab2904fb9e5cdbecc643ddb3647212781c4ae3"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"windows-implement 0.60.0",
"windows-interface 0.59.1",
chore(deps): bump chrono from 0.4.41 to 0.4.42 in /codex-rs (#4028) Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.41 to 0.4.42. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.42</h2> <h2>What's Changed</h2> <ul> <li>Add fuzzer for DateTime::parse_from_str by <a href="https://github.com/tyler92"><code>@​tyler92</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1700">chronotope/chrono#1700</a></li> <li>Fix wrong amount of micro/milliseconds by <a href="https://github.com/nmlt"><code>@​nmlt</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1703">chronotope/chrono#1703</a></li> <li>Add warning about MappedLocalTime and wasm by <a href="https://github.com/lutzky"><code>@​lutzky</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1702">chronotope/chrono#1702</a></li> <li>Fix incorrect parsing of fixed-length second fractions by <a href="https://github.com/chris-leach"><code>@​chris-leach</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1705">chronotope/chrono#1705</a></li> <li>Fix cfgs for <code>wasm32-linux</code> support by <a href="https://github.com/arjunr2"><code>@​arjunr2</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1707">chronotope/chrono#1707</a></li> <li>Fix OpenHarmony's <code>tzdata</code> parsing by <a href="https://github.com/ldm0"><code>@​ldm0</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1679">chronotope/chrono#1679</a></li> <li>Convert NaiveDate to/from days since unix epoch by <a href="https://github.com/findepi"><code>@​findepi</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1715">chronotope/chrono#1715</a></li> <li>Add <code>?Sized</code> bound to related methods of <code>DelayedFormat::write_to</code> by <a href="https://github.com/Huliiiiii"><code>@​Huliiiiii</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1721">chronotope/chrono#1721</a></li> <li>Add <code>from_timestamp_secs</code> method to <code>DateTime</code> by <a href="https://github.com/jasonaowen"><code>@​jasonaowen</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1719">chronotope/chrono#1719</a></li> <li>Migrate to core::error::Error by <a href="https://github.com/benbrittain"><code>@​benbrittain</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1704">chronotope/chrono#1704</a></li> <li>Upgrade to windows-bindgen 0.63 by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1730">chronotope/chrono#1730</a></li> <li>strftime: simplify error handling by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1731">chronotope/chrono#1731</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chronotope/chrono/commit/f3fd15f976c8c8e56d97eda6237af4d485ba2297"><code>f3fd15f</code></a> Bump version to 0.4.42</li> <li><a href="https://github.com/chronotope/chrono/commit/5cf56035007f291b1b8f457fa3bfc79fb367419a"><code>5cf5603</code></a> strftime: add regression test case</li> <li><a href="https://github.com/chronotope/chrono/commit/a6231701ee934cbbeb595fe71328fcbbf1b584d5"><code>a623170</code></a> strftime: simplify error handling</li> <li><a href="https://github.com/chronotope/chrono/commit/36fbfb1221da05b1482eb9dd18254e6bd736cb31"><code>36fbfb1</code></a> strftime: move specifier handling out of match to reduce rightward drift</li> <li><a href="https://github.com/chronotope/chrono/commit/7f413c363b74e293d495dc6109335c02dda9d629"><code>7f413c3</code></a> strftime: yield None early</li> <li><a href="https://github.com/chronotope/chrono/commit/9d5dfe164098186bfff8af7d5eecbb05d7712d4d"><code>9d5dfe1</code></a> strftime: outline constants</li> <li><a href="https://github.com/chronotope/chrono/commit/e5f6be7db4a0c2756cad0a7c8186a5a180873f7a"><code>e5f6be7</code></a> strftime: move error() method below caller</li> <li><a href="https://github.com/chronotope/chrono/commit/d516c2764d74e467fa37e25e8e88d5633478bafa"><code>d516c27</code></a> strftime: merge impl blocks</li> <li><a href="https://github.com/chronotope/chrono/commit/0ee2172fb92df4e0be4cf7a733c860226eec37a0"><code>0ee2172</code></a> strftime: re-order items to keep impls together</li> <li><a href="https://github.com/chronotope/chrono/commit/757a8b0226e9c0a23b5334c7dc0986f1e487b8ac"><code>757a8b0</code></a> Upgrade to windows-bindgen 0.63</li> <li>Additional commits viewable in <a href="https://github.com/chronotope/chrono/compare/v0.4.41...v0.4.42">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chrono&package-manager=cargo&previous-version=0.4.41&new-version=0.4.42)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-24 16:53:26 +00:00
"windows-link 0.1.3",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"windows-result 0.3.4",
"windows-strings 0.4.2",
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
]
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
[[package]]
name = "windows-future"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fc6a41e98427b19fe4b73c550f060b59fa592d7d686537eebf9385621bfbad8e"
dependencies = [
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"windows-core 0.61.2",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"windows-link 0.1.3",
"windows-threading",
]
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
[[package]]
name = "windows-implement"
version = "0.58.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2bbd5b46c938e506ecbce286b6628a02171d56153ba733b6c741fc627ec9579b"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.104",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows-implement"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.60.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "a47fddd13af08290e67f4acabf4b459f647552718f683a7b415d290ac744a836"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
[[package]]
name = "windows-interface"
version = "0.58.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "053c4c462dc91d3b1504c6fe5a726dd15e216ba718e84a0e46a88fbe5ded3515"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.104",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows-interface"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.59.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "bd9211b69f8dcdfa817bfd14bf1c97c9188afa36f4750130fcdf3f400eca9fa8"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "windows-link"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.1.3"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "5e6ad25900d524eaabdbbb96d20b4311e1e7ae1699af4fb28c17ae66c80d798a"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
chore(deps): bump chrono from 0.4.41 to 0.4.42 in /codex-rs (#4028) Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.41 to 0.4.42. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.42</h2> <h2>What's Changed</h2> <ul> <li>Add fuzzer for DateTime::parse_from_str by <a href="https://github.com/tyler92"><code>@​tyler92</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1700">chronotope/chrono#1700</a></li> <li>Fix wrong amount of micro/milliseconds by <a href="https://github.com/nmlt"><code>@​nmlt</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1703">chronotope/chrono#1703</a></li> <li>Add warning about MappedLocalTime and wasm by <a href="https://github.com/lutzky"><code>@​lutzky</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1702">chronotope/chrono#1702</a></li> <li>Fix incorrect parsing of fixed-length second fractions by <a href="https://github.com/chris-leach"><code>@​chris-leach</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1705">chronotope/chrono#1705</a></li> <li>Fix cfgs for <code>wasm32-linux</code> support by <a href="https://github.com/arjunr2"><code>@​arjunr2</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1707">chronotope/chrono#1707</a></li> <li>Fix OpenHarmony's <code>tzdata</code> parsing by <a href="https://github.com/ldm0"><code>@​ldm0</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1679">chronotope/chrono#1679</a></li> <li>Convert NaiveDate to/from days since unix epoch by <a href="https://github.com/findepi"><code>@​findepi</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1715">chronotope/chrono#1715</a></li> <li>Add <code>?Sized</code> bound to related methods of <code>DelayedFormat::write_to</code> by <a href="https://github.com/Huliiiiii"><code>@​Huliiiiii</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1721">chronotope/chrono#1721</a></li> <li>Add <code>from_timestamp_secs</code> method to <code>DateTime</code> by <a href="https://github.com/jasonaowen"><code>@​jasonaowen</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1719">chronotope/chrono#1719</a></li> <li>Migrate to core::error::Error by <a href="https://github.com/benbrittain"><code>@​benbrittain</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1704">chronotope/chrono#1704</a></li> <li>Upgrade to windows-bindgen 0.63 by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1730">chronotope/chrono#1730</a></li> <li>strftime: simplify error handling by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1731">chronotope/chrono#1731</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chronotope/chrono/commit/f3fd15f976c8c8e56d97eda6237af4d485ba2297"><code>f3fd15f</code></a> Bump version to 0.4.42</li> <li><a href="https://github.com/chronotope/chrono/commit/5cf56035007f291b1b8f457fa3bfc79fb367419a"><code>5cf5603</code></a> strftime: add regression test case</li> <li><a href="https://github.com/chronotope/chrono/commit/a6231701ee934cbbeb595fe71328fcbbf1b584d5"><code>a623170</code></a> strftime: simplify error handling</li> <li><a href="https://github.com/chronotope/chrono/commit/36fbfb1221da05b1482eb9dd18254e6bd736cb31"><code>36fbfb1</code></a> strftime: move specifier handling out of match to reduce rightward drift</li> <li><a href="https://github.com/chronotope/chrono/commit/7f413c363b74e293d495dc6109335c02dda9d629"><code>7f413c3</code></a> strftime: yield None early</li> <li><a href="https://github.com/chronotope/chrono/commit/9d5dfe164098186bfff8af7d5eecbb05d7712d4d"><code>9d5dfe1</code></a> strftime: outline constants</li> <li><a href="https://github.com/chronotope/chrono/commit/e5f6be7db4a0c2756cad0a7c8186a5a180873f7a"><code>e5f6be7</code></a> strftime: move error() method below caller</li> <li><a href="https://github.com/chronotope/chrono/commit/d516c2764d74e467fa37e25e8e88d5633478bafa"><code>d516c27</code></a> strftime: merge impl blocks</li> <li><a href="https://github.com/chronotope/chrono/commit/0ee2172fb92df4e0be4cf7a733c860226eec37a0"><code>0ee2172</code></a> strftime: re-order items to keep impls together</li> <li><a href="https://github.com/chronotope/chrono/commit/757a8b0226e9c0a23b5334c7dc0986f1e487b8ac"><code>757a8b0</code></a> Upgrade to windows-bindgen 0.63</li> <li>Additional commits viewable in <a href="https://github.com/chronotope/chrono/compare/v0.4.41...v0.4.42">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chrono&package-manager=cargo&previous-version=0.4.41&new-version=0.4.42)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-24 16:53:26 +00:00
[[package]]
name = "windows-link"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "45e46c0661abb7180e7b9c281db115305d49ca1709ab8242adf09666d2173c65"
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
[[package]]
name = "windows-numerics"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9150af68066c4c5c07ddc0ce30421554771e528bde427614c61038bc2c92c2b1"
dependencies = [
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"windows-core 0.61.2",
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
"windows-link 0.1.3",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows-registry"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.5.3"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "5b8a9ed28765efc97bbc954883f4e6796c33a06546ebafacbabee9696967499e"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
chore(deps): bump chrono from 0.4.41 to 0.4.42 in /codex-rs (#4028) Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.41 to 0.4.42. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.42</h2> <h2>What's Changed</h2> <ul> <li>Add fuzzer for DateTime::parse_from_str by <a href="https://github.com/tyler92"><code>@​tyler92</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1700">chronotope/chrono#1700</a></li> <li>Fix wrong amount of micro/milliseconds by <a href="https://github.com/nmlt"><code>@​nmlt</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1703">chronotope/chrono#1703</a></li> <li>Add warning about MappedLocalTime and wasm by <a href="https://github.com/lutzky"><code>@​lutzky</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1702">chronotope/chrono#1702</a></li> <li>Fix incorrect parsing of fixed-length second fractions by <a href="https://github.com/chris-leach"><code>@​chris-leach</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1705">chronotope/chrono#1705</a></li> <li>Fix cfgs for <code>wasm32-linux</code> support by <a href="https://github.com/arjunr2"><code>@​arjunr2</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1707">chronotope/chrono#1707</a></li> <li>Fix OpenHarmony's <code>tzdata</code> parsing by <a href="https://github.com/ldm0"><code>@​ldm0</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1679">chronotope/chrono#1679</a></li> <li>Convert NaiveDate to/from days since unix epoch by <a href="https://github.com/findepi"><code>@​findepi</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1715">chronotope/chrono#1715</a></li> <li>Add <code>?Sized</code> bound to related methods of <code>DelayedFormat::write_to</code> by <a href="https://github.com/Huliiiiii"><code>@​Huliiiiii</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1721">chronotope/chrono#1721</a></li> <li>Add <code>from_timestamp_secs</code> method to <code>DateTime</code> by <a href="https://github.com/jasonaowen"><code>@​jasonaowen</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1719">chronotope/chrono#1719</a></li> <li>Migrate to core::error::Error by <a href="https://github.com/benbrittain"><code>@​benbrittain</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1704">chronotope/chrono#1704</a></li> <li>Upgrade to windows-bindgen 0.63 by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1730">chronotope/chrono#1730</a></li> <li>strftime: simplify error handling by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1731">chronotope/chrono#1731</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chronotope/chrono/commit/f3fd15f976c8c8e56d97eda6237af4d485ba2297"><code>f3fd15f</code></a> Bump version to 0.4.42</li> <li><a href="https://github.com/chronotope/chrono/commit/5cf56035007f291b1b8f457fa3bfc79fb367419a"><code>5cf5603</code></a> strftime: add regression test case</li> <li><a href="https://github.com/chronotope/chrono/commit/a6231701ee934cbbeb595fe71328fcbbf1b584d5"><code>a623170</code></a> strftime: simplify error handling</li> <li><a href="https://github.com/chronotope/chrono/commit/36fbfb1221da05b1482eb9dd18254e6bd736cb31"><code>36fbfb1</code></a> strftime: move specifier handling out of match to reduce rightward drift</li> <li><a href="https://github.com/chronotope/chrono/commit/7f413c363b74e293d495dc6109335c02dda9d629"><code>7f413c3</code></a> strftime: yield None early</li> <li><a href="https://github.com/chronotope/chrono/commit/9d5dfe164098186bfff8af7d5eecbb05d7712d4d"><code>9d5dfe1</code></a> strftime: outline constants</li> <li><a href="https://github.com/chronotope/chrono/commit/e5f6be7db4a0c2756cad0a7c8186a5a180873f7a"><code>e5f6be7</code></a> strftime: move error() method below caller</li> <li><a href="https://github.com/chronotope/chrono/commit/d516c2764d74e467fa37e25e8e88d5633478bafa"><code>d516c27</code></a> strftime: merge impl blocks</li> <li><a href="https://github.com/chronotope/chrono/commit/0ee2172fb92df4e0be4cf7a733c860226eec37a0"><code>0ee2172</code></a> strftime: re-order items to keep impls together</li> <li><a href="https://github.com/chronotope/chrono/commit/757a8b0226e9c0a23b5334c7dc0986f1e487b8ac"><code>757a8b0</code></a> Upgrade to windows-bindgen 0.63</li> <li>Additional commits viewable in <a href="https://github.com/chronotope/chrono/compare/v0.4.41...v0.4.42">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chrono&package-manager=cargo&previous-version=0.4.41&new-version=0.4.42)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-24 16:53:26 +00:00
"windows-link 0.1.3",
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
"windows-result 0.3.4",
"windows-strings 0.4.2",
]
[[package]]
name = "windows-result"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1d1043d8214f791817bab27572aaa8af63732e11bf84aa21a45a78d6c317ae0e"
dependencies = [
"windows-targets 0.52.6",
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows-result"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.3.4"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "56f42bd332cc6c8eac5af113fc0c1fd6a8fd2aa08a0119358686e5160d0586c6"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
chore(deps): bump chrono from 0.4.41 to 0.4.42 in /codex-rs (#4028) Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.41 to 0.4.42. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.42</h2> <h2>What's Changed</h2> <ul> <li>Add fuzzer for DateTime::parse_from_str by <a href="https://github.com/tyler92"><code>@​tyler92</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1700">chronotope/chrono#1700</a></li> <li>Fix wrong amount of micro/milliseconds by <a href="https://github.com/nmlt"><code>@​nmlt</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1703">chronotope/chrono#1703</a></li> <li>Add warning about MappedLocalTime and wasm by <a href="https://github.com/lutzky"><code>@​lutzky</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1702">chronotope/chrono#1702</a></li> <li>Fix incorrect parsing of fixed-length second fractions by <a href="https://github.com/chris-leach"><code>@​chris-leach</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1705">chronotope/chrono#1705</a></li> <li>Fix cfgs for <code>wasm32-linux</code> support by <a href="https://github.com/arjunr2"><code>@​arjunr2</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1707">chronotope/chrono#1707</a></li> <li>Fix OpenHarmony's <code>tzdata</code> parsing by <a href="https://github.com/ldm0"><code>@​ldm0</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1679">chronotope/chrono#1679</a></li> <li>Convert NaiveDate to/from days since unix epoch by <a href="https://github.com/findepi"><code>@​findepi</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1715">chronotope/chrono#1715</a></li> <li>Add <code>?Sized</code> bound to related methods of <code>DelayedFormat::write_to</code> by <a href="https://github.com/Huliiiiii"><code>@​Huliiiiii</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1721">chronotope/chrono#1721</a></li> <li>Add <code>from_timestamp_secs</code> method to <code>DateTime</code> by <a href="https://github.com/jasonaowen"><code>@​jasonaowen</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1719">chronotope/chrono#1719</a></li> <li>Migrate to core::error::Error by <a href="https://github.com/benbrittain"><code>@​benbrittain</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1704">chronotope/chrono#1704</a></li> <li>Upgrade to windows-bindgen 0.63 by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1730">chronotope/chrono#1730</a></li> <li>strftime: simplify error handling by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1731">chronotope/chrono#1731</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chronotope/chrono/commit/f3fd15f976c8c8e56d97eda6237af4d485ba2297"><code>f3fd15f</code></a> Bump version to 0.4.42</li> <li><a href="https://github.com/chronotope/chrono/commit/5cf56035007f291b1b8f457fa3bfc79fb367419a"><code>5cf5603</code></a> strftime: add regression test case</li> <li><a href="https://github.com/chronotope/chrono/commit/a6231701ee934cbbeb595fe71328fcbbf1b584d5"><code>a623170</code></a> strftime: simplify error handling</li> <li><a href="https://github.com/chronotope/chrono/commit/36fbfb1221da05b1482eb9dd18254e6bd736cb31"><code>36fbfb1</code></a> strftime: move specifier handling out of match to reduce rightward drift</li> <li><a href="https://github.com/chronotope/chrono/commit/7f413c363b74e293d495dc6109335c02dda9d629"><code>7f413c3</code></a> strftime: yield None early</li> <li><a href="https://github.com/chronotope/chrono/commit/9d5dfe164098186bfff8af7d5eecbb05d7712d4d"><code>9d5dfe1</code></a> strftime: outline constants</li> <li><a href="https://github.com/chronotope/chrono/commit/e5f6be7db4a0c2756cad0a7c8186a5a180873f7a"><code>e5f6be7</code></a> strftime: move error() method below caller</li> <li><a href="https://github.com/chronotope/chrono/commit/d516c2764d74e467fa37e25e8e88d5633478bafa"><code>d516c27</code></a> strftime: merge impl blocks</li> <li><a href="https://github.com/chronotope/chrono/commit/0ee2172fb92df4e0be4cf7a733c860226eec37a0"><code>0ee2172</code></a> strftime: re-order items to keep impls together</li> <li><a href="https://github.com/chronotope/chrono/commit/757a8b0226e9c0a23b5334c7dc0986f1e487b8ac"><code>757a8b0</code></a> Upgrade to windows-bindgen 0.63</li> <li>Additional commits viewable in <a href="https://github.com/chronotope/chrono/compare/v0.4.41...v0.4.42">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chrono&package-manager=cargo&previous-version=0.4.41&new-version=0.4.42)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-24 16:53:26 +00:00
"windows-link 0.1.3",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
[[package]]
name = "windows-strings"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4cd9b125c486025df0eabcb585e62173c6c9eddcec5d117d3b6e8c30e2ee4d10"
dependencies = [
"windows-result 0.2.0",
"windows-targets 0.52.6",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows-strings"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.4.2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "56e6c93f3a0c3b36176cb1327a4958a0353d5d166c2a35cb268ace15e91d3b57"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
chore(deps): bump chrono from 0.4.41 to 0.4.42 in /codex-rs (#4028) Bumps [chrono](https://github.com/chronotope/chrono) from 0.4.41 to 0.4.42. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/chronotope/chrono/releases">chrono's releases</a>.</em></p> <blockquote> <h2>0.4.42</h2> <h2>What's Changed</h2> <ul> <li>Add fuzzer for DateTime::parse_from_str by <a href="https://github.com/tyler92"><code>@​tyler92</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1700">chronotope/chrono#1700</a></li> <li>Fix wrong amount of micro/milliseconds by <a href="https://github.com/nmlt"><code>@​nmlt</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1703">chronotope/chrono#1703</a></li> <li>Add warning about MappedLocalTime and wasm by <a href="https://github.com/lutzky"><code>@​lutzky</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1702">chronotope/chrono#1702</a></li> <li>Fix incorrect parsing of fixed-length second fractions by <a href="https://github.com/chris-leach"><code>@​chris-leach</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1705">chronotope/chrono#1705</a></li> <li>Fix cfgs for <code>wasm32-linux</code> support by <a href="https://github.com/arjunr2"><code>@​arjunr2</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1707">chronotope/chrono#1707</a></li> <li>Fix OpenHarmony's <code>tzdata</code> parsing by <a href="https://github.com/ldm0"><code>@​ldm0</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1679">chronotope/chrono#1679</a></li> <li>Convert NaiveDate to/from days since unix epoch by <a href="https://github.com/findepi"><code>@​findepi</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1715">chronotope/chrono#1715</a></li> <li>Add <code>?Sized</code> bound to related methods of <code>DelayedFormat::write_to</code> by <a href="https://github.com/Huliiiiii"><code>@​Huliiiiii</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1721">chronotope/chrono#1721</a></li> <li>Add <code>from_timestamp_secs</code> method to <code>DateTime</code> by <a href="https://github.com/jasonaowen"><code>@​jasonaowen</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1719">chronotope/chrono#1719</a></li> <li>Migrate to core::error::Error by <a href="https://github.com/benbrittain"><code>@​benbrittain</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1704">chronotope/chrono#1704</a></li> <li>Upgrade to windows-bindgen 0.63 by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1730">chronotope/chrono#1730</a></li> <li>strftime: simplify error handling by <a href="https://github.com/djc"><code>@​djc</code></a> in <a href="https://redirect.github.com/chronotope/chrono/pull/1731">chronotope/chrono#1731</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/chronotope/chrono/commit/f3fd15f976c8c8e56d97eda6237af4d485ba2297"><code>f3fd15f</code></a> Bump version to 0.4.42</li> <li><a href="https://github.com/chronotope/chrono/commit/5cf56035007f291b1b8f457fa3bfc79fb367419a"><code>5cf5603</code></a> strftime: add regression test case</li> <li><a href="https://github.com/chronotope/chrono/commit/a6231701ee934cbbeb595fe71328fcbbf1b584d5"><code>a623170</code></a> strftime: simplify error handling</li> <li><a href="https://github.com/chronotope/chrono/commit/36fbfb1221da05b1482eb9dd18254e6bd736cb31"><code>36fbfb1</code></a> strftime: move specifier handling out of match to reduce rightward drift</li> <li><a href="https://github.com/chronotope/chrono/commit/7f413c363b74e293d495dc6109335c02dda9d629"><code>7f413c3</code></a> strftime: yield None early</li> <li><a href="https://github.com/chronotope/chrono/commit/9d5dfe164098186bfff8af7d5eecbb05d7712d4d"><code>9d5dfe1</code></a> strftime: outline constants</li> <li><a href="https://github.com/chronotope/chrono/commit/e5f6be7db4a0c2756cad0a7c8186a5a180873f7a"><code>e5f6be7</code></a> strftime: move error() method below caller</li> <li><a href="https://github.com/chronotope/chrono/commit/d516c2764d74e467fa37e25e8e88d5633478bafa"><code>d516c27</code></a> strftime: merge impl blocks</li> <li><a href="https://github.com/chronotope/chrono/commit/0ee2172fb92df4e0be4cf7a733c860226eec37a0"><code>0ee2172</code></a> strftime: re-order items to keep impls together</li> <li><a href="https://github.com/chronotope/chrono/commit/757a8b0226e9c0a23b5334c7dc0986f1e487b8ac"><code>757a8b0</code></a> Upgrade to windows-bindgen 0.63</li> <li>Additional commits viewable in <a href="https://github.com/chronotope/chrono/compare/v0.4.41...v0.4.42">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=chrono&package-manager=cargo&previous-version=0.4.41&new-version=0.4.42)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-24 16:53:26 +00:00
"windows-link 0.1.3",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "windows-sys"
version = "0.45.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "75283be5efb2831d37ea142365f009c02ec203cd29a3ebecbc093d52315b66d0"
dependencies = [
"windows-targets 0.42.2",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows-sys"
version = "0.52.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "282be5f36a8ce781fad8c8ae18fa3f9beff57ec1b52cb3de0789201425d9a33d"
dependencies = [
"windows-targets 0.52.6",
]
[[package]]
name = "windows-sys"
version = "0.59.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1e38bc4d79ed67fd075bcc251a1c39b32a1776bbe92e5bef1f0bf1f8c531853b"
dependencies = [
"windows-targets 0.52.6",
]
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
[[package]]
name = "windows-sys"
version = "0.60.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f2f500e4d28234f72040990ec9d39e3a6b950f9f22d3dba18416c35882612bcb"
dependencies = [
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"windows-targets 0.53.2",
Add cloud tasks (#3197) Adds a TUI for managing, applying, and creating cloud tasks
2025-09-30 03:10:33 -07:00
]
[[package]]
name = "windows-sys"
version = "0.61.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6f109e41dd4a3c848907eb83d5a42ea98b3769495597450cf6d153507b166f0f"
dependencies = [
"windows-link 0.2.0",
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "windows-targets"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8e5180c00cd44c9b1c88adb3693291f1cd93605ded80c250a75d472756b4d071"
dependencies = [
"windows_aarch64_gnullvm 0.42.2",
"windows_aarch64_msvc 0.42.2",
"windows_i686_gnu 0.42.2",
"windows_i686_msvc 0.42.2",
"windows_x86_64_gnu 0.42.2",
"windows_x86_64_gnullvm 0.42.2",
"windows_x86_64_msvc 0.42.2",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "windows-targets"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c"
dependencies = [
"windows_aarch64_gnullvm 0.48.5",
"windows_aarch64_msvc 0.48.5",
"windows_i686_gnu 0.48.5",
"windows_i686_msvc 0.48.5",
"windows_x86_64_gnu 0.48.5",
"windows_x86_64_gnullvm 0.48.5",
"windows_x86_64_msvc 0.48.5",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows-targets"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9b724f72796e036ab90c1021d4780d4d3d648aca59e491e6b98e725b84e99973"
dependencies = [
"windows_aarch64_gnullvm 0.52.6",
"windows_aarch64_msvc 0.52.6",
"windows_i686_gnu 0.52.6",
"windows_i686_gnullvm 0.52.6",
"windows_i686_msvc 0.52.6",
"windows_x86_64_gnu 0.52.6",
"windows_x86_64_gnullvm 0.52.6",
"windows_x86_64_msvc 0.52.6",
]
[[package]]
name = "windows-targets"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.53.2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "c66f69fcc9ce11da9966ddb31a40968cad001c5bedeb5c2b82ede4253ab48aef"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"windows_aarch64_gnullvm 0.53.0",
"windows_aarch64_msvc 0.53.0",
"windows_i686_gnu 0.53.0",
"windows_i686_gnullvm 0.53.0",
"windows_i686_msvc 0.53.0",
"windows_x86_64_gnu 0.53.0",
"windows_x86_64_gnullvm 0.53.0",
"windows_x86_64_msvc 0.53.0",
]
[MCP] Introduce an experimental official rust sdk based mcp client (#4252) The [official Rust SDK](https://github.com/modelcontextprotocol/rust-sdk/tree/57fc428c578a1a3fe851ee0838bf068bda120eb3) has come a long way since we first started our mcp client implementation 5 months ago and, today, it is much more complete than our own stdio-only implementation. This PR introduces a new config flag `experimental_use_rmcp_client` which will use a new mcp client powered by the sdk instead of our own. To keep this PR simple, I've only implemented the same stdio MCP functionality that we had but will expand on it with future PRs. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-09-26 10:13:37 -07:00
[[package]]
name = "windows-threading"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b66463ad2e0ea3bbf808b7f1d371311c80e115c0b71d60efc142cafbcfb057a6"
dependencies = [
"windows-link 0.1.3",
]
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "windows_aarch64_gnullvm"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "597a5118570b68bc08d8d59125332c54f1ba9d9adeedeef5b99b02ba2b0698f8"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "windows_aarch64_gnullvm"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows_aarch64_gnullvm"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "32a4622180e7a0ec044bb555404c800bc9fd9ec262ec147edd5989ccd0c02cd3"
[[package]]
name = "windows_aarch64_gnullvm"
version = "0.53.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "86b8d5f90ddd19cb4a147a5fa63ca848db3df085e25fee3cc10b39b6eebae764"
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "windows_aarch64_msvc"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e08e8864a60f06ef0d0ff4ba04124db8b0fb3be5776a5cd47641e942e58c4d43"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "windows_aarch64_msvc"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows_aarch64_msvc"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "09ec2a7bb152e2252b53fa7803150007879548bc709c039df7627cabbd05d469"
[[package]]
name = "windows_aarch64_msvc"
version = "0.53.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c7651a1f62a11b8cbd5e0d42526e55f2c99886c77e007179efff86c2b137e66c"
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "windows_i686_gnu"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c61d927d8da41da96a81f029489353e68739737d3beca43145c8afec9a31a84f"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "windows_i686_gnu"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows_i686_gnu"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8e9b5ad5ab802e97eb8e295ac6720e509ee4c243f69d781394014ebfe8bbfa0b"
[[package]]
name = "windows_i686_gnu"
version = "0.53.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c1dc67659d35f387f5f6c479dc4e28f1d4bb90ddd1a5d3da2e5d97b42d6272c3"
[[package]]
name = "windows_i686_gnullvm"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0eee52d38c090b3caa76c563b86c3a4bd71ef1a819287c19d586d7334ae8ed66"
[[package]]
name = "windows_i686_gnullvm"
version = "0.53.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9ce6ccbdedbf6d6354471319e781c0dfef054c81fbc7cf83f338a4296c0cae11"
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "windows_i686_msvc"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "44d840b6ec649f480a41c8d80f9c65108b92d89345dd94027bfe06ac444d1060"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "windows_i686_msvc"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows_i686_msvc"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "240948bc05c5e7c6dabba28bf89d89ffce3e303022809e73deaefe4f6ec56c66"
[[package]]
name = "windows_i686_msvc"
version = "0.53.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "581fee95406bb13382d2f65cd4a908ca7b1e4c2f1917f143ba16efe98a589b5d"
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "windows_x86_64_gnu"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8de912b8b8feb55c064867cf047dda097f92d51efad5b491dfb98f6bbb70cb36"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "windows_x86_64_gnu"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows_x86_64_gnu"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "147a5c80aabfbf0c7d901cb5895d1de30ef2907eb21fbbab29ca94c5b08b1a78"
[[package]]
name = "windows_x86_64_gnu"
version = "0.53.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2e55b5ac9ea33f2fc1716d1742db15574fd6fc8dadc51caab1c16a3d3b4190ba"
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "windows_x86_64_gnullvm"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "26d41b46a36d453748aedef1486d5c7a85db22e56aff34643984ea85514e94a3"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "windows_x86_64_gnullvm"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows_x86_64_gnullvm"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "24d5b23dc417412679681396f2b49f3de8c1473deb516bd34410872eff51ed0d"
[[package]]
name = "windows_x86_64_gnullvm"
version = "0.53.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0a6e035dd0599267ce1ee132e51c27dd29437f63325753051e71dd9e42406c57"
Port login server to rust (#2294) Port the login server to rust. --------- Co-authored-by: pakrym-oai <pakrym@openai.com>
2025-08-14 17:11:26 -07:00
[[package]]
name = "windows_x86_64_msvc"
version = "0.42.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9aec5da331524158c6d1a4ac0ab1541149c0b9505fde06423b02f5ef0106b9f0"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "windows_x86_64_msvc"
version = "0.48.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "windows_x86_64_msvc"
version = "0.52.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "589f6da84c646204747d1270a2a5661ea66ed1cced2631d546fdfb155959f9ec"
[[package]]
name = "windows_x86_64_msvc"
version = "0.53.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486"
[[package]]
name = "winnow"
chore(deps): bump toml_edit from 0.23.4 to 0.23.5 in /codex-rs (#7223) Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.23.4 to 0.23.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/toml-rs/toml/commit/4695fb02fc3902345ffbfb54fd5df6adcc3bbd4d"><code>4695fb0</code></a> chore: Release</li> <li><a href="https://github.com/toml-rs/toml/commit/6a77ed71cf68369e823f7827b34eaa2a06d0126d"><code>6a77ed7</code></a> docs: Update changelog</li> <li><a href="https://github.com/toml-rs/toml/commit/c1e81979644a7a80141ab2d0ca284a4560eb4079"><code>c1e8197</code></a> refactor: Switch serde dependency to serde_core (<a href="https://redirect.github.com/toml-rs/toml/issues/1036">#1036</a>)</li> <li><a href="https://github.com/toml-rs/toml/commit/d85d6cd61cf122ee44db8834bc2a55e881bb0750"><code>d85d6cd</code></a> refactor: Switch serde dependency to serde_core</li> <li>See full diff in <a href="https://github.com/toml-rs/toml/compare/v0.23.4...v0.23.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=toml_edit&package-manager=cargo&previous-version=0.23.4&new-version=0.23.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:44:14 -08:00
version = "0.7.13"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump toml_edit from 0.23.4 to 0.23.5 in /codex-rs (#7223) Bumps [toml_edit](https://github.com/toml-rs/toml) from 0.23.4 to 0.23.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/toml-rs/toml/commit/4695fb02fc3902345ffbfb54fd5df6adcc3bbd4d"><code>4695fb0</code></a> chore: Release</li> <li><a href="https://github.com/toml-rs/toml/commit/6a77ed71cf68369e823f7827b34eaa2a06d0126d"><code>6a77ed7</code></a> docs: Update changelog</li> <li><a href="https://github.com/toml-rs/toml/commit/c1e81979644a7a80141ab2d0ca284a4560eb4079"><code>c1e8197</code></a> refactor: Switch serde dependency to serde_core (<a href="https://redirect.github.com/toml-rs/toml/issues/1036">#1036</a>)</li> <li><a href="https://github.com/toml-rs/toml/commit/d85d6cd61cf122ee44db8834bc2a55e881bb0750"><code>d85d6cd</code></a> refactor: Switch serde dependency to serde_core</li> <li>See full diff in <a href="https://github.com/toml-rs/toml/compare/v0.23.4...v0.23.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=toml_edit&package-manager=cargo&previous-version=0.23.4&new-version=0.23.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-24 11:44:14 -08:00
checksum = "21a0236b59786fed61e2a80582dd500fe61f18b5dca67a4a067d0bc9039339cf"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"memchr",
]
feat: StreamableShell with exec_command and write_stdin tools (#2574)
2025-08-22 18:10:55 -07:00
[[package]]
name = "winreg"
version = "0.10.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "80d0f4e272c85def139476380b12f9ac60926689dd2e01d4923222f40580869d"
dependencies = [
"winapi",
]
fix: flaky tests 4 (#7875)
2025-12-11 14:26:27 +00:00
[[package]]
name = "winres"
version = "0.1.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b68db261ef59e9e52806f688020631e987592bd83619edccda9c47d42cde4f6c"
dependencies = [
"toml 0.5.11",
]
Bridge command generation to powershell when on Windows (#2319) ## What? Why? How? - When running on Windows, codex often tries to invoke bash commands, which commonly fail (unless WSL is installed) - Fix: Detect if powershell is available and, if so, route commands to it - Also add a shell_name property to environmental context for codex to default to powershell commands when running in that environment ## Testing - Tested within WSL and powershell (e.g. get top 5 largest files within a folder and validated that commands generated were powershell commands) - Tested within Zsh - Updated unit tests --------- Co-authored-by: Eddy Escardo <eddy@openai.com>
2025-08-20 16:30:34 -07:00
[[package]]
name = "winsafe"
version = "0.0.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d135d17ab770252ad95e9a872d365cf3090e3be864a34ab46f48555993efc904"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "wiremock"
chore(deps): bump wiremock from 0.6.4 to 0.6.5 in /codex-rs (#2666) Bumps [wiremock](https://github.com/LukeMathWalker/wiremock-rs) from 0.6.4 to 0.6.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/6b193047bf2c5626da5dc5f3a23b58ab9bd3f130"><code>6b19304</code></a> chore: Release wiremock version 0.6.5</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/ebaa70b024eb05a46b2192d801e4281ad663488f"><code>ebaa70b</code></a> feat: Make method and MethodExactMatcher case in-sensitive (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/165">#165</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/613b4f91353133bfced5ed973f04b8dd020ef032"><code>613b4f9</code></a> Make <code>BodyPrintLimit</code> public (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/167">#167</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/abfafd2227cb00c42b7b057faed6d2d96c42f9b8"><code>abfafd2</code></a> chore: Upgrade all deps to their latest version (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/170">#170</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/60688cfddebfdeb9d46ebc70079c8f7e4a5e8fcb"><code>60688cf</code></a> ci: Upgrade actions. Upgrade dependencies. (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/169">#169</a>)</li> <li>See full diff in <a href="https://github.com/LukeMathWalker/wiremock-rs/compare/v0.6.4...v0.6.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=wiremock&package-manager=cargo&previous-version=0.6.4&new-version=0.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-03 23:18:42 -07:00
version = "0.6.5"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump wiremock from 0.6.4 to 0.6.5 in /codex-rs (#2666) Bumps [wiremock](https://github.com/LukeMathWalker/wiremock-rs) from 0.6.4 to 0.6.5. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/6b193047bf2c5626da5dc5f3a23b58ab9bd3f130"><code>6b19304</code></a> chore: Release wiremock version 0.6.5</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/ebaa70b024eb05a46b2192d801e4281ad663488f"><code>ebaa70b</code></a> feat: Make method and MethodExactMatcher case in-sensitive (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/165">#165</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/613b4f91353133bfced5ed973f04b8dd020ef032"><code>613b4f9</code></a> Make <code>BodyPrintLimit</code> public (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/167">#167</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/abfafd2227cb00c42b7b057faed6d2d96c42f9b8"><code>abfafd2</code></a> chore: Upgrade all deps to their latest version (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/170">#170</a>)</li> <li><a href="https://github.com/LukeMathWalker/wiremock-rs/commit/60688cfddebfdeb9d46ebc70079c8f7e4a5e8fcb"><code>60688cf</code></a> ci: Upgrade actions. Upgrade dependencies. (<a href="https://redirect.github.com/LukeMathWalker/wiremock-rs/issues/169">#169</a>)</li> <li>See full diff in <a href="https://github.com/LukeMathWalker/wiremock-rs/compare/v0.6.4...v0.6.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=wiremock&package-manager=cargo&previous-version=0.6.4&new-version=0.6.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-03 23:18:42 -07:00
checksum = "08db1edfb05d9b3c1542e521aea074442088292f00b5f28e435c714a98f85031"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"assert-json-diff",
feat: Run cargo shear during CI (#3338) Run cargo shear as part of the CI to ensure no unused dependencies
2025-09-08 18:05:08 -07:00
"base64",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"deadpool",
"futures",
chore(deps): bump sentry from 0.34.0 to 0.46.0 in /codex-rs (#8043) Bumps [sentry](https://github.com/getsentry/sentry-rust) from 0.34.0 to 0.46.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/releases">sentry's releases</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> <li>When upgrading, please ensure to adapt any queries, metrics or dashboards to use the new span names/ops.</li> </ul> </li> <li>ref(tracing): use standard code attributes (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/899">#899</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Logs now carry the attributes <code>code.module.name</code>, <code>code.file.path</code> and <code>code.line.number</code> standardized in OTEL to surface the respective information, in contrast with the previously sent <code>tracing.module_path</code>, <code>tracing.file</code> and <code>tracing.line</code>.</li> </ul> </li> <li>fix(actix): capture only server errors (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/877">#877</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-rust/blob/master/CHANGELOG.md">sentry's changelog</a>.</em></p> <blockquote> <h2>0.46.0</h2> <h3>Breaking changes</h3> <ul> <li>Removed the <code>ClientOptions</code> struct's <code>trim_backtraces</code> and <code>extra_border_frames</code> fields (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). <ul> <li>These fields configured backtrace trimming, which is being removed in this release.</li> </ul> </li> </ul> <h3>Improvements</h3> <ul> <li>Removed backtrace trimming to align the Rust SDK with the general principle that Sentry SDKs should only truncate telemetry data when needed to comply with <a href="https://develop.sentry.dev/sdk/data-model/envelopes/#size-limits">documented size limits</a> (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/925">#925</a>). This change ensures that as much data as possible remains available for debugging. <ul> <li>If you notice any new issues being created for existing errors after this change, please open an issue on <a href="https://github.com/getsentry/sentry-rust/issues/new/choose">GitHub</a>.</li> </ul> </li> </ul> <h3>Fixes</h3> <ul> <li>fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/919">#919</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a></li> </ul> <h2>0.45.0</h2> <h3>Breaking changes</h3> <ul> <li>Add custom variant to <code>AttachmentType</code> that holds an arbitrary String. (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/916">#916</a>)</li> </ul> <h2>0.44.0</h2> <h3>Breaking changes</h3> <ul> <li>feat(log): support combined LogFilters and RecordMappings (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/914">#914</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>Breaking change: <code>sentry::integrations::log::LogFilter</code> has been changed to a <code>bitflags</code> struct.</li> <li>It's now possible to map a <code>log</code> record to multiple items in Sentry by combining multiple log filters in the filter, e.g. <code>log::Level::ERROR =&gt; LogFilter::Event | LogFilter::Log</code>.</li> <li>If using a custom <code>mapper</code> instead, it's possible to return a <code>Vec&lt;sentry::integrations::log::RecordMapping&gt;</code> to map a <code>log</code> record to multiple items in Sentry.</li> </ul> </li> </ul> <h3>Behavioral changes</h3> <ul> <li>ref(log): send logs by default when logs feature flag is enabled (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/915">#915</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>If the <code>logs</code> feature flag is enabled, the default Sentry <code>log</code> logger now sends logs for all events at or above INFO.</li> </ul> </li> <li>ref(logs): enable logs by default if logs feature flag is used (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/910">#910</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>This changes the default value of <code>sentry::ClientOptions::enable_logs</code> to <code>true</code>.</li> <li>This simplifies the setup of Sentry structured logs by requiring users to just add the <code>log</code> feature flag to the <code>sentry</code> dependency to opt-in to sending logs.</li> <li>When the <code>log</code> feature flag is enabled, the <code>tracing</code> and <code>log</code> integrations will send structured logs to Sentry for all logs/events at or above INFO level by default.</li> </ul> </li> </ul> <h2>0.43.0</h2> <h3>Breaking changes</h3> <ul> <li>ref(tracing): rework tracing to Sentry span name/op conversion (<a href="https://redirect.github.com/getsentry/sentry-rust/pull/887">#887</a>) by <a href="https://github.com/lcian"><code>@​lcian</code></a> <ul> <li>The <code>tracing</code> integration now uses the tracing span name as the Sentry span name by default.</li> <li>Before this change, the span name would be set based on the <code>tracing</code> span target (<code>&lt;module&gt;::&lt;function&gt;</code> when using the <code>tracing::instrument</code> macro).</li> <li>The <code>tracing</code> integration now uses <code>&lt;span target&gt;::&lt;span name&gt;</code> as the default Sentry span op (i.e. <code>&lt;module&gt;::&lt;function&gt;</code> when using <code>tracing::instrument</code>).</li> <li>Before this change, the span op would be set based on the <code>tracing</code> span name.</li> <li>Read below to learn how to customize the span name and op.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-rust/commit/8d82bfde5944de48482e4d8ada2d2ab35978845f"><code>8d82bfd</code></a> release: 0.46.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/9525735e5cdfa25c98667aa91c3cade2ef5acdff"><code>9525735</code></a> feat(backtrace): Stop truncating backtraces (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/925">#925</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/a57b91c5c8992c0955f22cb26f0db0625c1aa9cd"><code>a57b91c</code></a> ref: Fix new Clippy lints (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/935">#935</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/57595753d6d7c039b640405a369d8b039455633c"><code>5759575</code></a> meta: Update cargo metadata (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/927">#927</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/77193f81e44500662acd115ed190dec4bb870852"><code>77193f8</code></a> chore: X handle update (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/926">#926</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/ca232686f4f338f3e13a0123b15654c32c68d47c"><code>ca23268</code></a> chore(ci): Migrate danger workflow from v2 to v3 (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/918">#918</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/2edf6d7a54dde2284b8954501beea311a2468aae"><code>2edf6d7</code></a> fix: adjust sentry.origin for log integration (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/919">#919</a>)</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/641204891076a8a4efdde9fb753a2012702e58ac"><code>6412048</code></a> Merge branch 'release/0.45.0'</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/aa6d85b90fc8dcc1292b9727c32350e1aa12a425"><code>aa6d85b</code></a> release: 0.45.0</li> <li><a href="https://github.com/getsentry/sentry-rust/commit/b99eb46bcff33ea17b309f772e0bef0db30c0bed"><code>b99eb46</code></a> feat(types): Add custom variant to <code>AttachmentType</code> (<a href="https://redirect.github.com/getsentry/sentry-rust/issues/916">#916</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-rust/compare/0.34.0...0.46.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry&package-manager=cargo&previous-version=0.34.0&new-version=0.46.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-14 22:31:55 -08:00
"http 1.3.1",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"http-body-util",
"hyper",
"hyper-util",
"log",
"once_cell",
"regex",
"serde",
"serde_json",
"tokio",
"url",
]
[[package]]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
name = "wit-bindgen-rt"
version = "0.39.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "6f42320e61fe2cfd34354ecb597f86f413484a798ba44a8ca1165c58d42da6c1"
dependencies = [
Add item streaming events (#5546) Adds AgentMessageContentDelta, ReasoningContentDelta, ReasoningRawContentDelta item streaming events while maintaining compatibility for old events. --------- Co-authored-by: Owen Lin <owen@openai.com>
2025-10-29 15:33:57 -07:00
"bitflags 2.10.0",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
Fix wayland image paste error (#4824) ## Summary - log and surface clipboard failures instead of silently ignoring them when `Ctrl+V` pastes an image (`paste_image_to_temp_png()` now feeds an error history cell) - enable `arboard`’s `wayland-data-control` feature so native Wayland sessions can deliver image data without XWayland - keep the success path unchanged: valid images still attach and show the `[image …]` placeholder as before Fixes #4818 --------- Co-authored-by: Eric Traut <etraut@openai.com> Co-authored-by: Jeremy Rose <172423086+nornagon-openai@users.noreply.github.com>
2025-11-10 19:35:30 -03:00
[[package]]
name = "wl-clipboard-rs"
version = "0.9.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8e5ff8d0e60065f549fafd9d6cb626203ea64a798186c80d8e7df4f8af56baeb"
dependencies = [
"libc",
"log",
"os_pipe",
"rustix 0.38.44",
"tempfile",
Add unified exec escalation handling and tests (#6492) Similar implementation to the shell tool
2025-11-11 08:19:35 -08:00
"thiserror 2.0.17",
Fix wayland image paste error (#4824) ## Summary - log and surface clipboard failures instead of silently ignoring them when `Ctrl+V` pastes an image (`paste_image_to_temp_png()` now feeds an error history cell) - enable `arboard`’s `wayland-data-control` feature so native Wayland sessions can deliver image data without XWayland - keep the success path unchanged: valid images still attach and show the `[image …]` placeholder as before Fixes #4818 --------- Co-authored-by: Eric Traut <etraut@openai.com> Co-authored-by: Jeremy Rose <172423086+nornagon-openai@users.noreply.github.com>
2025-11-10 19:35:30 -03:00
"tree_magic_mini",
"wayland-backend",
"wayland-client",
"wayland-protocols",
"wayland-protocols-wlr",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "writeable"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "0.6.2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "9edde0db4769d2dc68579893f2306b26c6ecfbe0ef499b013d731b7b9247e0b9"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
[[package]]
name = "x11rb"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.13.1"
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "5d91ffca73ee7f68ce055750bf9f6eca0780b8c85eff9bc046a3b0da41755e12"
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
dependencies = [
"gethostname",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"rustix 0.38.44",
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
"x11rb-protocol",
]
[[package]]
name = "x11rb-protocol"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.13.1"
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "ec107c4503ea0b4a98ef47356329af139c0a4f7750e621cf2973cd3385ebcb3d"
[[package]]
name = "xdg-home"
version = "1.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ec1cdab258fb55c0da61328dc52c8764709b249011b2cad0454c72f0bf10a1f6"
dependencies = [
"libc",
"windows-sys 0.59.0",
]
ctrl+v image + @file accepts images (#1695) allow ctrl+v in TUI for images + @file that are images are appended as raw files (and read by the model) rather than pasted as a path that cannot be read by the model. Re-used components and same interface we're using for copying pasted content in https://github.com/openai/codex/commit/72504f1d9c6eb17086d86ef1fb0d17676812461b. @aibrahim-oai as you've implemented this, mind having a look at this one? https://github.com/user-attachments/assets/c6c1153b-6b32-4558-b9a2-f8c57d2be710 --------- Co-authored-by: easong-openai <easong@openai.com> Co-authored-by: Daniel Edrisian <dedrisian@openai.com> Co-authored-by: Michael Bolin <mbolin@openai.com>
2025-08-22 18:05:43 +01:00
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "yansi"
version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cfe53a6657fd280eaa890a3bc59152892ffa3e30101319d168b781ed6529b049"
[[package]]
name = "yoke"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.8.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "5f41bb01b8226ef4bfd589436a297c53d118f65921786300e427be8d487695cc"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"serde",
"stable_deref_trait",
"yoke-derive",
"zerofrom",
]
[[package]]
name = "yoke-derive"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.8.0"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "38da3c9736e16c5d3c8c597a9aaa5d1fa565d0532ae05e27c24aa62fb32c0ab6"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"synstructure",
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "zbus"
version = "4.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bb97012beadd29e654708a0fdb4c84bc046f537aecfde2c3ee0a9e4b4d48c725"
dependencies = [
"async-broadcast",
"async-executor",
"async-fs",
"async-io",
"async-lock",
"async-process",
"async-recursion",
"async-task",
"async-trait",
"blocking",
"enumflags2",
"event-listener",
"futures-core",
"futures-sink",
"futures-util",
"hex",
"nix 0.29.0",
"ordered-stream",
"rand 0.8.5",
"serde",
"serde_repr",
"sha1",
"static_assertions",
"tracing",
"uds_windows",
"windows-sys 0.52.0",
"xdg-home",
"zbus_macros",
"zbus_names",
"zvariant",
]
[[package]]
name = "zbus_macros"
version = "4.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "267db9407081e90bbfa46d841d3cbc60f59c0351838c4bc65199ecd79ab1983e"
dependencies = [
"proc-macro-crate",
"proc-macro2",
"quote",
"syn 2.0.104",
"zvariant_utils",
]
[[package]]
name = "zbus_names"
version = "3.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4b9b1fef7d021261cc16cba64c351d291b715febe0fa10dc3a443ac5a5022e6c"
dependencies = [
"serde",
"static_assertions",
"zvariant",
]
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
[[package]]
name = "zerocopy"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.8.26"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "1039dd0d3c310cf05de012d8a39ff557cb0d23087fd44cad61df08fc31907a2f"
feat: introduce codex_execpolicy crate for defining "safe" commands (#634) As described in detail in `codex-rs/execpolicy/README.md` introduced in this PR, `execpolicy` is a tool that lets you define a set of _patterns_ used to match [`execv(3)`](https://linux.die.net/man/3/execv) invocations. When a pattern is matched, `execpolicy` returns the parsed version in a structured form that is amenable to static analysis. The primary use case is to define patterns match commands that should be auto-approved by a tool such as Codex. This supports a richer pattern matching mechanism that the sort of prefix-matching we have done to date, e.g.: https://github.com/openai/codex/blob/5e40d9d2211737f46136610497bcd9a8271009e0/codex-cli/src/approvals.ts#L333-L354 Note we are still playing with the API and the `system_path` option in particular still needs some work.
2025-04-24 17:14:47 -07:00
dependencies = [
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
"zerocopy-derive",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "zerocopy-derive"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.8.26"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "9ecf5b4cc5364572d7f4c329661bcc82724222973f2cab6f050a4e5c22f75181"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
[[package]]
name = "zerofrom"
version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "50cc42e0333e05660c3587f3bf9d0478688e15d870fab3346451ce7f8c9fbea5"
dependencies = [
"zerofrom-derive",
]
[[package]]
name = "zerofrom-derive"
version = "0.1.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d71e5d6e06ab090c67b5e44993ec16b72dcbaabc526db883a360057678b48502"
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"synstructure",
]
[[package]]
name = "zeroize"
chore(deps): bump zeroize from 1.8.1 to 1.8.2 in /codex-rs (#6444) Bumps [zeroize](https://github.com/RustCrypto/utils) from 1.8.1 to 1.8.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/RustCrypto/utils/commit/c100874101bfd584870de5dde1b13dd92a17bf48"><code>c100874</code></a> zeroize v1.8.2 (<a href="https://redirect.github.com/RustCrypto/utils/issues/1229">#1229</a>)</li> <li><a href="https://github.com/RustCrypto/utils/commit/3940ccbebdac7a519523b29b4ff3749863026b8f"><code>3940ccb</code></a> Switch from <code>doc_auto_cfg</code> to <code>doc_cfg</code> (<a href="https://redirect.github.com/RustCrypto/utils/issues/1228">#1228</a>)</li> <li><a href="https://github.com/RustCrypto/utils/commit/c68a5204b2e66b0f60832d845e048fca96a81211"><code>c68a520</code></a> Fix Nightly warnings (<a href="https://redirect.github.com/RustCrypto/utils/issues/1080">#1080</a>)</li> <li><a href="https://github.com/RustCrypto/utils/commit/b15cc6c1cddad1558d44b138ff869b0590d2ac55"><code>b15cc6c</code></a> cargo: point <code>repository</code> metadata to clonable URLs (<a href="https://redirect.github.com/RustCrypto/utils/issues/1079">#1079</a>)</li> <li><a href="https://github.com/RustCrypto/utils/commit/3db6690f7be82e90a92e457d5becfd754fd10299"><code>3db6690</code></a> zeroize: fix <code>homepage</code>/<code>repository</code> in Cargo.toml (<a href="https://redirect.github.com/RustCrypto/utils/issues/1076">#1076</a>)</li> <li>See full diff in <a href="https://github.com/RustCrypto/utils/compare/zeroize-v1.8.1...zeroize-v1.8.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zeroize&package-manager=cargo&previous-version=1.8.1&new-version=1.8.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-09 22:03:36 -08:00
version = "1.8.2"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(deps): bump zeroize from 1.8.1 to 1.8.2 in /codex-rs (#6444) Bumps [zeroize](https://github.com/RustCrypto/utils) from 1.8.1 to 1.8.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/RustCrypto/utils/commit/c100874101bfd584870de5dde1b13dd92a17bf48"><code>c100874</code></a> zeroize v1.8.2 (<a href="https://redirect.github.com/RustCrypto/utils/issues/1229">#1229</a>)</li> <li><a href="https://github.com/RustCrypto/utils/commit/3940ccbebdac7a519523b29b4ff3749863026b8f"><code>3940ccb</code></a> Switch from <code>doc_auto_cfg</code> to <code>doc_cfg</code> (<a href="https://redirect.github.com/RustCrypto/utils/issues/1228">#1228</a>)</li> <li><a href="https://github.com/RustCrypto/utils/commit/c68a5204b2e66b0f60832d845e048fca96a81211"><code>c68a520</code></a> Fix Nightly warnings (<a href="https://redirect.github.com/RustCrypto/utils/issues/1080">#1080</a>)</li> <li><a href="https://github.com/RustCrypto/utils/commit/b15cc6c1cddad1558d44b138ff869b0590d2ac55"><code>b15cc6c</code></a> cargo: point <code>repository</code> metadata to clonable URLs (<a href="https://redirect.github.com/RustCrypto/utils/issues/1079">#1079</a>)</li> <li><a href="https://github.com/RustCrypto/utils/commit/3db6690f7be82e90a92e457d5becfd754fd10299"><code>3db6690</code></a> zeroize: fix <code>homepage</code>/<code>repository</code> in Cargo.toml (<a href="https://redirect.github.com/RustCrypto/utils/issues/1076">#1076</a>)</li> <li>See full diff in <a href="https://github.com/RustCrypto/utils/compare/zeroize-v1.8.1...zeroize-v1.8.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zeroize&package-manager=cargo&previous-version=1.8.1&new-version=1.8.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-09 22:03:36 -08:00
checksum = "b97154e67e32c85465826e8bcc1c59429aaaf107c1e4a9e53c8d8ccd5eff88d0"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
dependencies = [
"zeroize_derive",
]
[[package]]
name = "zeroize_derive"
version = "1.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.104",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
[[package]]
name = "zerotrie"
version = "0.2.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "36f0bbd478583f79edad978b407914f61b2972f5af6fa089686016be8f9af595"
dependencies = [
"displaydoc",
"yoke",
"zerofrom",
]
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
[[package]]
name = "zerovec"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
version = "0.11.5"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
checksum = "6c28719294829477f525be0186d13efa9a3c602f7ec202ca9e353d310fb9a002"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
fix: `icu_decimal` version (#5919)
2025-10-29 20:46:45 +00:00
"serde",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
"yoke",
"zerofrom",
"zerovec-derive",
]
[[package]]
name = "zerovec-derive"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
version = "0.11.1"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
chore(rs): update dependencies (#1494) ### Chores - Update cargo dependencies - Remove unused cargo dependencies - Fix clippy warnings - Update Dockerfile (package.json requires node 22) - Let Dependabot update bun, cargo, devcontainers, docker, github-actions, npm (nix still not supported) ### TODO - Upgrade dependencies with breaking changes ```shell $ cargo update --verbose Unchanged crossterm v0.28.1 (available: v0.29.0) Unchanged schemars v0.8.22 (available: v1.0.4) ```
2025-07-10 20:08:16 +02:00
checksum = "5b96237efa0c878c64bd89c436f661be4e46b2f3eff1ebb976f7ef2321d2f58f"
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
dependencies = [
"proc-macro2",
"quote",
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
"syn 2.0.104",
feat: initial import of Rust implementation of Codex CLI in codex-rs/ (#629) As stated in `codex-rs/README.md`: Today, Codex CLI is written in TypeScript and requires Node.js 22+ to run it. For a number of users, this runtime requirement inhibits adoption: they would be better served by a standalone executable. As maintainers, we want Codex to run efficiently in a wide range of environments with minimal overhead. We also want to take advantage of operating system-specific APIs to provide better sandboxing, where possible. To that end, we are moving forward with a Rust implementation of Codex CLI contained in this folder, which has the following benefits: - The CLI compiles to small, standalone, platform-specific binaries. - Can make direct, native calls to [seccomp](https://man7.org/linux/man-pages/man2/seccomp.2.html) and [landlock](https://man7.org/linux/man-pages/man7/landlock.7.html) in order to support sandboxing on Linux. - No runtime garbage collection, resulting in lower memory consumption and better, more predictable performance. Currently, the Rust implementation is materially behind the TypeScript implementation in functionality, so continue to use the TypeScript implmentation for the time being. We will publish native executables via GitHub Releases as soon as we feel the Rust version is usable.
2025-04-24 13:31:40 -07:00
]
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "zune-core"
version = "0.4.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3f423a2c17029964870cfaabb1f13dfab7d092a62a29a89264f4d36990ca414a"
chore(deps): bump image from 0.25.8 to 0.25.9 in /codex-rs (#7421) Bumps [image](https://github.com/image-rs/image) from 0.25.8 to 0.25.9. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/main/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.9</h3> <p>Features:</p> <ul> <li>Support extracting XMP metadata from PNG, JPEG, GIF, WebP and TIFF files (<a href="https://redirect.github.com/image-rs/image/issues/2567">#2567</a>, <a href="https://redirect.github.com/image-rs/image/issues/2634">#2634</a>, <a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a>)</li> <li>Support reading IPTC metadata from PNG and JPG files (<a href="https://redirect.github.com/image-rs/image/issues/2611">#2611</a>)</li> <li>Support reading ICC profile from GIF files (<a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a>)</li> <li>Allow setting a specific DEFLATE compression level when writing PNG (<a href="https://redirect.github.com/image-rs/image/issues/2583">#2583</a>)</li> <li>Initial support for 16-bit CMYK TIFF files (<a href="https://redirect.github.com/image-rs/image/issues/2588">#2588</a>)</li> <li>Allow extracting the alpha channel of a <code>Pixel</code> in a generic way (<a href="https://redirect.github.com/image-rs/image/issues/2638">#2638</a>)</li> </ul> <p>Structural changes:</p> <ul> <li>EXR format decoding now only uses multi-threading via Rayon when the <code>rayon</code> feature is enabled (<a href="https://redirect.github.com/image-rs/image/issues/2643">#2643</a>)</li> <li>Upgraded zune-jpeg to 0.5.x, ravif to 0.12.x, gif to 0.14.x</li> <li>pnm: parse integers in PBM/PGM/PPM headers without allocations (<a href="https://redirect.github.com/image-rs/image/issues/2620">#2620</a>)</li> <li>Replace <code>doc_auto_cfg</code> with <code>doc_cfg</code> (<a href="https://redirect.github.com/image-rs/image/issues/2637">#2637</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Do not encode empty JPEG images (<a href="https://redirect.github.com/image-rs/image/issues/2624">#2624</a>)</li> <li>tga: reject empty images (<a href="https://redirect.github.com/image-rs/image/issues/2614">#2614</a>)</li> <li>tga: fix orientation flip for color mapped images (<a href="https://redirect.github.com/image-rs/image/issues/2607">#2607</a>)</li> <li>tga: adjust colormap lookup to match tga 2.0 spec (<a href="https://redirect.github.com/image-rs/image/issues/2608">#2608</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/5ceb6af6c2b6671931a02fda955ce1676321711d"><code>5ceb6af</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2640">#2640</a> from Shnatsel/release-v0.25.9</li> <li><a href="https://github.com/image-rs/image/commit/282d7b345c9899daabee56204985336d77dc88a7"><code>282d7b3</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2646">#2646</a> from oligamiq/main</li> <li><a href="https://github.com/image-rs/image/commit/5412aeee5a2561b5e5e04f71c58aa122eb91e0c8"><code>5412aee</code></a> Amend the note in accordance with the advice of 197g.</li> <li><a href="https://github.com/image-rs/image/commit/4e8a4ed2e8294b1a78db9713bffcc8b3faa19aed"><code>4e8a4ed</code></a> Clarify default features in README and add usage note</li> <li><a href="https://github.com/image-rs/image/commit/ca8fa528ff00e9320e94ccf94fea1d236f9c1553"><code>ca8fa52</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a> from image-rs/gif-0.14</li> <li><a href="https://github.com/image-rs/image/commit/d9bc8fe7909d50b2cfc624f27094f80b0f2e8740"><code>d9bc8fe</code></a> mention GIF 0.14 changes</li> <li><a href="https://github.com/image-rs/image/commit/053220a0b1a465cec46e4104c5d4b007a676f361"><code>053220a</code></a> Provide gif's XMP and ICC metadata</li> <li><a href="https://github.com/image-rs/image/commit/2ec20b3b3b2ba985da955ff34baab87b0d7df490"><code>2ec20b3</code></a> Prepare codec with gif@0.14</li> <li><a href="https://github.com/image-rs/image/commit/31939facce719c4b56391573c24911704c3f8649"><code>31939fa</code></a> Mention EXR rayon change</li> <li><a href="https://github.com/image-rs/image/commit/c7f68be265bd1b000712255d14ba548f2709ecf8"><code>c7f68be</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2643">#2643</a> from Shnatsel/really-optional-rayon</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.8...v0.25.9">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.8&new-version=0.25.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-30 20:50:51 -08:00
[[package]]
name = "zune-core"
version = "0.5.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "111f7d9820f05fd715df3144e254d6fc02ee4088b0644c0ffd0efc9e6d9d2773"
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
[[package]]
name = "zune-jpeg"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
version = "0.4.19"
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
source = "registry+https://github.com/rust-lang/crates.io-index"
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
checksum = "2c9e525af0a6a658e031e95f14b7f889976b74a11ba0eca5a5fc9ac8a1c43a6a"
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
dependencies = [
chore(deps): bump image from 0.25.8 to 0.25.9 in /codex-rs (#7421) Bumps [image](https://github.com/image-rs/image) from 0.25.8 to 0.25.9. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/image-rs/image/blob/main/CHANGES.md">image's changelog</a>.</em></p> <blockquote> <h3>Version 0.25.9</h3> <p>Features:</p> <ul> <li>Support extracting XMP metadata from PNG, JPEG, GIF, WebP and TIFF files (<a href="https://redirect.github.com/image-rs/image/issues/2567">#2567</a>, <a href="https://redirect.github.com/image-rs/image/issues/2634">#2634</a>, <a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a>)</li> <li>Support reading IPTC metadata from PNG and JPG files (<a href="https://redirect.github.com/image-rs/image/issues/2611">#2611</a>)</li> <li>Support reading ICC profile from GIF files (<a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a>)</li> <li>Allow setting a specific DEFLATE compression level when writing PNG (<a href="https://redirect.github.com/image-rs/image/issues/2583">#2583</a>)</li> <li>Initial support for 16-bit CMYK TIFF files (<a href="https://redirect.github.com/image-rs/image/issues/2588">#2588</a>)</li> <li>Allow extracting the alpha channel of a <code>Pixel</code> in a generic way (<a href="https://redirect.github.com/image-rs/image/issues/2638">#2638</a>)</li> </ul> <p>Structural changes:</p> <ul> <li>EXR format decoding now only uses multi-threading via Rayon when the <code>rayon</code> feature is enabled (<a href="https://redirect.github.com/image-rs/image/issues/2643">#2643</a>)</li> <li>Upgraded zune-jpeg to 0.5.x, ravif to 0.12.x, gif to 0.14.x</li> <li>pnm: parse integers in PBM/PGM/PPM headers without allocations (<a href="https://redirect.github.com/image-rs/image/issues/2620">#2620</a>)</li> <li>Replace <code>doc_auto_cfg</code> with <code>doc_cfg</code> (<a href="https://redirect.github.com/image-rs/image/issues/2637">#2637</a>)</li> </ul> <p>Bug fixes:</p> <ul> <li>Do not encode empty JPEG images (<a href="https://redirect.github.com/image-rs/image/issues/2624">#2624</a>)</li> <li>tga: reject empty images (<a href="https://redirect.github.com/image-rs/image/issues/2614">#2614</a>)</li> <li>tga: fix orientation flip for color mapped images (<a href="https://redirect.github.com/image-rs/image/issues/2607">#2607</a>)</li> <li>tga: adjust colormap lookup to match tga 2.0 spec (<a href="https://redirect.github.com/image-rs/image/issues/2608">#2608</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/image-rs/image/commit/5ceb6af6c2b6671931a02fda955ce1676321711d"><code>5ceb6af</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2640">#2640</a> from Shnatsel/release-v0.25.9</li> <li><a href="https://github.com/image-rs/image/commit/282d7b345c9899daabee56204985336d77dc88a7"><code>282d7b3</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2646">#2646</a> from oligamiq/main</li> <li><a href="https://github.com/image-rs/image/commit/5412aeee5a2561b5e5e04f71c58aa122eb91e0c8"><code>5412aee</code></a> Amend the note in accordance with the advice of 197g.</li> <li><a href="https://github.com/image-rs/image/commit/4e8a4ed2e8294b1a78db9713bffcc8b3faa19aed"><code>4e8a4ed</code></a> Clarify default features in README and add usage note</li> <li><a href="https://github.com/image-rs/image/commit/ca8fa528ff00e9320e94ccf94fea1d236f9c1553"><code>ca8fa52</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2644">#2644</a> from image-rs/gif-0.14</li> <li><a href="https://github.com/image-rs/image/commit/d9bc8fe7909d50b2cfc624f27094f80b0f2e8740"><code>d9bc8fe</code></a> mention GIF 0.14 changes</li> <li><a href="https://github.com/image-rs/image/commit/053220a0b1a465cec46e4104c5d4b007a676f361"><code>053220a</code></a> Provide gif's XMP and ICC metadata</li> <li><a href="https://github.com/image-rs/image/commit/2ec20b3b3b2ba985da955ff34baab87b0d7df490"><code>2ec20b3</code></a> Prepare codec with gif@0.14</li> <li><a href="https://github.com/image-rs/image/commit/31939facce719c4b56391573c24911704c3f8649"><code>31939fa</code></a> Mention EXR rayon change</li> <li><a href="https://github.com/image-rs/image/commit/c7f68be265bd1b000712255d14ba548f2709ecf8"><code>c7f68be</code></a> Merge pull request <a href="https://redirect.github.com/image-rs/image/issues/2643">#2643</a> from Shnatsel/really-optional-rayon</li> <li>Additional commits viewable in <a href="https://github.com/image-rs/image/compare/v0.25.8...v0.25.9">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=image&package-manager=cargo&previous-version=0.25.8&new-version=0.25.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-11-30 20:50:51 -08:00
"zune-core 0.4.12",
]
[[package]]
name = "zune-jpeg"
version = "0.5.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dc6fb7703e32e9a07fb3f757360338b3a567a5054f21b5f52a666752e333d58e"
dependencies = [
"zune-core 0.5.0",
fix: introduce ResponseInputItem::McpToolCallOutput variant (#1151) The output of an MCP server tool call can be one of several types, but to date, we treated all outputs as text by showing the serialized JSON as the "tool output" in Codex: https://github.com/openai/codex/blob/25a9949c49194d5a64de54a11bcc5b4724ac9bd5/codex-rs/mcp-types/src/lib.rs#L96-L101 This PR adds support for the `ImageContent` variant so we can now display an image output from an MCP tool call. In making this change, we introduce a new `ResponseInputItem::McpToolCallOutput` variant so that we can work with the `mcp_types::CallToolResult` directly when the function call is made to an MCP server. Though arguably the more significant change is the introduction of `HistoryCell::CompletedMcpToolCallWithImageOutput`, which is a cell that uses `ratatui_image` to render an image into the terminal. To support this, we introduce `ImageRenderCache`, cache a `ratatui_image::picker::Picker`, and `ensure_image_cache()` to cache the appropriate scaled image data and dimensions based on the current terminal size. To test, I created a minimal `package.json`: ```json { "name": "kitty-mcp", "version": "1.0.0", "type": "module", "description": "MCP that returns image of kitty", "main": "index.js", "dependencies": { "@modelcontextprotocol/sdk": "^1.12.0" } } ``` with the following `index.js` to define the MCP server: ```js #!/usr/bin/env node import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js"; import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"; import { readFile } from "node:fs/promises"; import { join } from "node:path"; const IMAGE_URI = "image://Ada.png"; const server = new McpServer({ name: "Demo", version: "1.0.0", }); server.tool( "get-cat-image", "If you need a cat image, this tool will provide one.", async () => ({ content: [ { type: "image", data: await getAdaPngBase64(), mimeType: "image/png" }, ], }) ); server.resource("Ada the Cat", IMAGE_URI, async (uri) => { const base64Image = await getAdaPngBase64(); return { contents: [ { uri: uri.href, mimeType: "image/png", blob: base64Image, }, ], }; }); async function getAdaPngBase64() { const __dirname = new URL(".", import.meta.url).pathname; // From https://github.com/benjajaja/ratatui-image/blob/9705ce2c59ec669abbce2924cbfd1f5ae22c9860/assets/Ada.png const filePath = join(__dirname, "Ada.png"); const imageData = await readFile(filePath); const base64Image = imageData.toString("base64"); return base64Image; } const transport = new StdioServerTransport(); await server.connect(transport); ``` With the local changes from this PR, I added the following to my `config.toml`: ```toml [mcp_servers.kitty] command = "node" args = ["/Users/mbolin/code/kitty-mcp/index.js"] ``` Running the TUI from source: ``` cargo run --bin codex -- --model o3 'I need a picture of a cat' ``` I get: <img width="732" alt="image" src="https://github.com/user-attachments/assets/bf80b721-9ca0-4d81-aec7-77d6899e2869" /> Now, that said, I have only tested in iTerm and there is definitely some funny business with getting an accurate character-to-pixel ratio (sometimes the `CompletedMcpToolCallWithImageOutput` thinks it needs 10 rows to render instead of 4), so there is still work to be done here.
2025-05-28 19:03:17 -07:00
]
[MCP] Add support for MCP Oauth credentials (#4517) This PR adds oauth login support to streamable http servers when `experimental_use_rmcp_client` is enabled. This PR is large but represents the minimal amount of work required for this to work. To keep this PR smaller, login can only be done with `codex mcp login` and `codex mcp logout` but it doesn't appear in `/mcp` or `codex mcp list` yet. Fingers crossed that this is the last large MCP PR and that subsequent PRs can be smaller. Under the hood, credentials are stored using platform credential managers using the [keyring crate](https://crates.io/crates/keyring). When the keyring isn't available, it falls back to storing credentials in `CODEX_HOME/.credentials.json` which is consistent with how other coding agents handle authentication. I tested this on macOS, Windows, WSL (ubuntu), and Linux. I wasn't able to test the dbus store on linux but did verify that the fallback works. One quirk is that if you have credentials, during development, every build will have its own ad-hoc binary so the keyring won't recognize the reader as being the same as the write so it may ask for the user's password. I may add an override to disable this or allow users/enterprises to opt-out of the keyring storage if it causes issues. <img width="5064" height="686" alt="CleanShot 2025-09-30 at 19 31 40" src="https://github.com/user-attachments/assets/9573f9b4-07f1-4160-83b8-2920db287e2d" /> <img width="745" height="486" alt="image" src="https://github.com/user-attachments/assets/9562649b-ea5f-4f22-ace2-d0cb438b143e" />
2025-10-03 10:43:12 -07:00
[[package]]
name = "zvariant"
version = "4.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2084290ab9a1c471c38fc524945837734fbf124487e105daec2bb57fd48c81fe"
dependencies = [
"endi",
"enumflags2",
"serde",
"static_assertions",
"zvariant_derive",
]
[[package]]
name = "zvariant_derive"
version = "4.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "73e2ba546bda683a90652bac4a279bc146adad1386f25379cf73200d2002c449"
dependencies = [
"proc-macro-crate",
"proc-macro2",
"quote",
"syn 2.0.104",
"zvariant_utils",
]
[[package]]
name = "zvariant_utils"
version = "2.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c51bcff7cc3dbb5055396bcf774748c3dab426b4b8659046963523cee4808340"
dependencies = [
"proc-macro2",
"quote",
"syn 2.0.104",
]
Reference in a new issue Copy permalink