core/core-agent-ide
8
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Agent IDE — Codex fork for AI-native development environment
4573 commits 2 branches 0 tags 80 MiB
Find a file
iceweasel-oai d0a693e541
windows-sandbox: add runner IPC foundation for future unified_exec (#14139) 
# Summary

This PR introduces the Windows sandbox runner IPC foundation that later
unified_exec work will build on.

The key point is that this is intentionally infrastructure-only. The new
IPC transport, runner plumbing, and ConPTY helpers are added here, but
the active elevated Windows sandbox path still uses the existing
request-file bootstrap. In other words, this change prepares the
transport and module layout we need for unified_exec without switching
production behavior over yet.

Part of this PR is also a source-layout cleanup: some Windows sandbox
files are moved into more explicit `elevated/`, `conpty/`, and shared
locations so it is clearer which code is for the elevated sandbox flow,
which code is legacy/direct-spawn behavior, and which helpers are shared
between them. That reorganization is intentional in this first PR so
later behavioral changes do not also have to carry a large amount of
file-move churn.

# Why This Is Needed For unified_exec

Windows elevated sandboxed unified_exec needs a long-lived,
bidirectional control channel between the CLI and a helper process
running under the sandbox user. That channel has to support:

- starting a process and reporting structured spawn success/failure
- streaming stdout/stderr back incrementally
- forwarding stdin over time
- terminating or polling a long-lived process
- supporting both pipe-backed and PTY-backed sessions

The existing elevated one-shot path is built around a request-file
bootstrap and does not provide those primitives cleanly. Before we can
turn on Windows sandbox unified_exec, we need the underlying runner
protocol and transport layer that can carry those lifecycle events and
streams.

# Why Windows Needs More Machinery Than Linux Or macOS

Linux and macOS can generally build unified_exec on top of the existing
sandbox/process model: the parent can spawn the child directly, retain
normal ownership of stdio or PTY handles, and manage the lifetime of the
sandboxed process without introducing a second control process.

Windows elevated sandboxing is different. To run inside the sandbox
boundary, we cross into a different user/security context and then need
to manage a long-lived process from outside that boundary. That means we
need an explicit helper process plus an IPC transport to carry spawn,
stdin, output, and exit events back and forth. The extra code here is
mostly that missing Windows sandbox infrastructure, not a conceptual
difference in unified_exec itself.

# What This PR Adds

- the framed IPC message types and transport helpers for parent <->
runner communication
- the renamed Windows command runner with both the existing request-file
bootstrap and the dormant IPC bootstrap
- named-pipe helpers for the elevated runner path
- ConPTY helpers and process-thread attribute plumbing needed for
PTY-backed sessions
- shared sandbox/process helpers that later PRs will reuse when
switching live execution paths over
- early file/module moves so later PRs can focus on behavior rather than
layout churn

# What This PR Does Not Yet Do

- it does not switch the active elevated one-shot path over to IPC yet
- it does not enable Windows sandbox unified_exec yet
- it does not remove the existing request-file bootstrap yet

So while this code compiles and the new path has basic validation, it is
not yet the exercised production path. That is intentional for this
first PR: the goal here is to land the transport and runner foundation
cleanly before later PRs start routing real command execution through
it.

# Follow-Ups

Planned follow-up PRs will:

1. switch elevated one-shot Windows sandbox execution to the new runner
IPC path
2. layer Windows sandbox unified_exec sessions on top of the same
transport
3. remove the legacy request-file path once the IPC-based path is live

# Validation

- `cargo build -p codex-windows-sandbox`
2026-03-16 19:45:06 +00:00
.codex/skills Add PR babysitting skill for this repo (#12513) 2026-02-22 15:36:28 -08:00
.devcontainer fix: include libcap-dev dependency when creating a devcontainer for building Codex (#13814) 2026-03-06 16:21:14 -08:00
.github Move TUI on top of app server (parallel code) (#14717) 2026-03-16 10:49:19 -06:00
.vscode chore: rm --all-features flag from rust-analyzer (#13381) 2026-03-03 11:44:54 -08:00
codex-cli Update pnpm versions to fix cve-2026-24842 (#12009) 2026-02-19 14:27:55 -08:00
codex-rs windows-sandbox: add runner IPC foundation for future unified_exec (#14139) 2026-03-16 19:45:06 +00:00
docs client: extend custom CA handling across HTTPS and websocket clients (#14239) 2026-03-13 00:59:26 +00:00
patches [bazel] Bump up cc and rust toolchains (#14542) 2026-03-13 18:01:38 +00:00
scripts check for large binaries in CI (#14382) 2026-03-11 22:39:08 +00:00
sdk Refresh Python SDK generated types (#14646) 2026-03-14 05:50:33 +00:00
shell-tool-mcp refactor: delete exec-server and move execve wrapper into shell-escalation (#12632) 2026-02-23 20:10:22 -08:00
third_party Add feature-gated freeform js_repl core runtime (#10674) 2026-02-11 12:05:02 -08:00
tools/argument-comment-lint Add argument-comment Dylint runner (#14651) 2026-03-14 08:18:04 -07:00
.bazelignore [bazel] Improve runfiles handling (#10098) 2026-01-29 00:15:44 +00:00
.bazelrc [bazel] Bump up cc and rust toolchains (#14542) 2026-03-13 18:01:38 +00:00
.bazelversion [bazel] Upgrade to bazel9 (#9576) 2026-01-21 13:25:36 +00:00
.codespellignore feat(network-proxy): structured policy signaling and attempt correlation to core (#11662) 2026-02-13 09:01:11 +00:00
.codespellrc feat(network-proxy): structured policy signaling and attempt correlation to core (#11662) 2026-02-13 09:01:11 +00:00
.gitignore gitignore bazel-* (#8911) 2026-01-08 07:50:58 -08:00
.markdownlint-cli2.yaml fix(tui): document paste-burst state machine (#9020) 2026-01-13 11:48:31 -08:00
.npmrc chore: migrate to pnpm for improved monorepo management (#287) 2025-04-18 16:25:15 -07:00
.prettierignore [apply-patch] Clean up apply-patch tool definitions (#2539) 2025-08-21 20:07:41 -07:00
.prettierrc.toml Initial commit 2025-04-16 12:56:08 -04:00
AGENTS.md Move TUI on top of app server (parallel code) (#14717) 2026-03-16 10:49:19 -06:00
announcement_tip.toml nit: test an (#10892) 2026-02-06 14:41:53 +01:00
BUILD.bazel fix(ci): restore guardian coverage and bazel unit tests (#13912) 2026-03-08 12:05:19 -07:00
CHANGELOG.md Documentation improvement: add missing period (#3754) 2025-10-30 13:01:33 -07:00
cliff.toml docs(changelog): update install command to @openai/codex@<version> (#2073) 2025-10-18 11:02:22 -07:00
defs.bzl fix(ci): restore guardian coverage and bazel unit tests (#13912) 2026-03-08 12:05:19 -07:00
flake.lock fix(nix): update flake for newer Rust toolchain requirements (#10302) 2026-01-31 11:34:53 -08:00
flake.nix fix(nix): use correct version from Cargo.toml in flake build (#11770) 2026-02-13 12:19:25 -08:00
justfile Add argument-comment Dylint runner (#14651) 2026-03-14 08:18:04 -07:00
LICENSE Initial commit 2025-04-16 12:56:08 -04:00
MODULE.bazel [bazel] Bump up cc and rust toolchains (#14542) 2026-03-13 18:01:38 +00:00
MODULE.bazel.lock [bazel] Bump up cc and rust toolchains (#14542) 2026-03-13 18:01:38 +00:00
NOTICE Add feature-gated freeform js_repl core runtime (#10674) 2026-02-11 12:05:02 -08:00
package.json start of hooks engine (#13276) 2026-03-10 04:11:31 +00:00
pnpm-lock.yaml chore: ensure pnpm-workspace.yaml is up-to-date (#10140) 2026-01-29 10:49:03 -08:00
pnpm-workspace.yaml chore: ensure pnpm-workspace.yaml is up-to-date (#10140) 2026-01-29 10:49:03 -08:00
rbe.bzl [bazel] Bump rules_rs and llvm (#13366) 2026-03-04 01:59:32 +00:00
README.md docs: mention Codex app in README intro (#11926) 2026-02-16 17:35:05 +01:00
SECURITY.md docs: add codex security policy (#12193) 2026-02-19 09:12:59 -08:00
workspace_root_test_launcher.bat.tpl fix(ci): restore guardian coverage and bazel unit tests (#13912) 2026-03-08 12:05:19 -07:00
workspace_root_test_launcher.sh.tpl fix(ci): restore guardian coverage and bazel unit tests (#13912) 2026-03-08 12:05:19 -07:00

README.md

npm i -g @openai/codex
or brew install --cask codex

Codex CLI is a coding agent from OpenAI that runs locally on your computer.

Codex CLI splash


If you want Codex in your code editor (VS Code, Cursor, Windsurf), install in your IDE.
If you want the desktop app experience, run codex app or visit the Codex App page.
If you are looking for the cloud-based agent from OpenAI, Codex Web, go to chatgpt.com/codex.

Quickstart

Installing and running Codex CLI

Install globally with your preferred package manager:

# Install using npm
npm install -g @openai/codex

# Install using Homebrew
brew install --cask codex

Then simply run codex to get started.

You can also go to the latest GitHub Release and download the appropriate binary for your platform.

Each GitHub Release contains many executables, but in practice, you likely want one of these:

  • macOS
    • Apple Silicon/arm64: codex-aarch64-apple-darwin.tar.gz
    • x86_64 (older Mac hardware): codex-x86_64-apple-darwin.tar.gz
  • Linux
    • x86_64: codex-x86_64-unknown-linux-musl.tar.gz
    • arm64: codex-aarch64-unknown-linux-musl.tar.gz

Each archive contains a single entry with the platform baked into the name (e.g., codex-x86_64-unknown-linux-musl), so you likely want to rename it to codex after extracting it.

Using Codex with your ChatGPT plan

Run codex and select Sign in with ChatGPT. We recommend signing into your ChatGPT account to use Codex as part of your Plus, Pro, Team, Edu, or Enterprise plan. Learn more about what's included in your ChatGPT plan.

You can also use Codex with an API key, but this requires additional setup.

Docs

This repository is licensed under the Apache-2.0 License.