Merge branch 'main' into add-github-action-for-nix

Author: jessfraz

codex-rs/code

@@ -184,19 +184,23 @@ impl ModelClient {
 
         let input_with_instructions = prompt.get_formatted_input();
 
-        // Only include `text.verbosity` for GPT-5 family models
-        let text = if self.config.model_family.family == "gpt-5" {
-            create_text_param_for_request(self.config.model_verbosity, &prompt.output_schema)
-        } else {
-            if self.config.model_verbosity.is_some() {
-                warn!(
-                    "model_verbosity is set but ignored for non-gpt-5 model family: {}",
-                    self.config.model_family.family
-                );
+        let verbosity = match &self.config.model_family.family {
+            family if family == "gpt-5" => self.config.model_verbosity,
+            _ => {
+                if self.config.model_verbosity.is_some() {
+                    warn!(
+                        "model_verbosity is set but ignored for non-gpt-5 model family: {}",
+                        self.config.model_family.family
+                    );
+                }
+
+                None
             }
-            None
         };
 
+        // Only include `text.verbosity` for GPT-5 family models
+        let text = create_text_param_for_request(verbosity, &prompt.output_schema);
+
         // In general, we want to explicitly send `store: false` when using the Responses API,
         // but in practice, the Azure Responses API rejects `store: false`:
         //

codex-rs/core/src/client.rs

@@ -2,6 +2,14 @@ use crate::bash::try_parse_bash;
 use crate::bash::try_parse_word_only_commands_sequence;
 
 pub fn is_known_safe_command(command: &[String]) -> bool {
+    #[cfg(target_os = "windows")]
+    {
+        use super::windows_safe_commands::is_safe_command_windows;
+        if is_safe_command_windows(command) {
+            return true;
+        }
+    }
+
     if is_safe_to_call_with_exec(command) {
         return true;
     }
@@ -24,7 +32,6 @@ pub fn is_known_safe_command(command: &[String]) -> bool {
     {
         return true;
     }
-
     false
 }
 

codex-rs/core/src/is_safe_command.rs …re/src/command_safety/is_safe_command.rscodex-rs/core/src/is_safe_command.rs renamed to codex-rs/core/src/command_safety/is_safe_command.rs codex-rs/core/src/is_safe_command.rs renamed to codex-rs/core/src/command_safety/is_safe_command.rs

@@ -0,0 +1,3 @@
+pub mod is_safe_command;
+#[cfg(target_os = "windows")]
+pub mod windows_safe_commands;

codex-rs/core/src/command_safety/mod.rs

@@ -0,0 +1,25 @@
+// This is a WIP. This will eventually contain a real list of common safe Windows commands.
+pub fn is_safe_command_windows(_command: &[String]) -> bool {
+    false
+}
+
+#[cfg(test)]
+mod tests {
+    use super::is_safe_command_windows;
+
+    fn vec_str(args: &[&str]) -> Vec<String> {
+        args.iter().map(ToString::to_string).collect()
+    }
+
+    #[test]
+    fn everything_is_unsafe() {
+        for cmd in [
+            vec_str(&["powershell.exe", "-NoLogo", "-Command", "echo hello"]),
+            vec_str(&["copy", "foo", "bar"]),
+            vec_str(&["del", "file.txt"]),
+            vec_str(&["powershell.exe", "Get-ChildItem"]),
+        ] {
+            assert!(!is_safe_command_windows(&cmd));
+        }
+    }
+}

codex-rs/core/src/command_safety/windows_safe_commands.rs

@@ -1,16 +1,6 @@
-use std::time::Duration;
-
 use env_flags::env_flags;
 
 env_flags! {
-    pub OPENAI_API_BASE: &str = "https://api.openai.com/v1";
-
-    /// Fallback when the provider-specific key is not set.
-    pub OPENAI_API_KEY: Option<&str> = None;
-    pub OPENAI_TIMEOUT_MS: Duration = Duration::from_millis(300_000), |value| {
-        value.parse().map(Duration::from_millis)
-    };
-
     /// Fixture path for offline tests (see client.rs).
     pub CODEX_RS_SSE_FIXTURE: Option<&str> = None;
 }

codex-rs/core/src/flags.rs

@@ -15,6 +15,7 @@ pub mod codex;
 mod codex_conversation;
 pub mod token_data;
 pub use codex_conversation::CodexConversation;
+mod command_safety;
 pub mod config;
 pub mod config_edit;
 pub mod config_profile;
@@ -29,7 +30,6 @@ pub mod exec_env;
 mod flags;
 pub mod git_info;
 pub mod internal_storage;
-mod is_safe_command;
 pub mod landlock;
 mod mcp_connection_manager;
 mod mcp_tool_call;
@@ -80,6 +80,7 @@ mod user_notification;
 pub mod util;
 
 pub use apply_patch::CODEX_APPLY_PATCH_ARG1;
+pub use command_safety::is_safe_command;
 pub use safety::get_platform_sandbox;
 // Re-export the protocol types from the standalone `codex-protocol` crate so existing
 // `codex_core::protocol::...` references continue to work across the workspace.

codex-rs/core/src/lib.rs

@@ -30,7 +30,16 @@ const SCHEMA: &str = r#"
 "#;
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
-async fn codex_returns_json_result() -> anyhow::Result<()> {
+async fn codex_returns_json_result_for_gpt5() -> anyhow::Result<()> {
+    codex_returns_json_result("gpt-5".to_string()).await
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn codex_returns_json_result_for_gpt5_codex() -> anyhow::Result<()> {
+    codex_returns_json_result("gpt-5-codex".to_string()).await
+}
+
+async fn codex_returns_json_result(model: String) -> anyhow::Result<()> {
     non_sandbox_test!(result);
 
     let server = start_mock_server().await;
@@ -72,7 +81,7 @@ async fn codex_returns_json_result() -> anyhow::Result<()> {
             cwd: cwd.path().to_path_buf(),
             approval_policy: AskForApproval::Never,
             sandbox_policy: SandboxPolicy::DangerFullAccess,
-            model: "gpt-5".to_string(),
+            model,
             effort: None,
             summary: ReasoningSummary::Auto,
         })