Add codex app-server transport with compatibility fallback

[axeldelafosse]

Summary

• Add a new Codex app-server transport path that reuses a codex app-server process for turns.
• Add automatic fallback to legacy codex exec --json when the app-server transport reports compatibility issues.
• Ensure the app-server process is cleaned up when the CLI exits.
• Improve signal handling so SIGINT/SIGTERM is forwarded to both child workers and the app-server transport.
• Improve Codex process detection in panel to account for app-server wrapper and runtime patterns.
• Harden Codex history parsing by falling back to top-level session metadata when payload fields are missing.
• Add CODEX_TRANSPORT=app-server|exec support and document the default in help/README.
• Add focused unit tests for app-server protocol parsing/turn handling, runner fallback and signal behavior, and panel parsing changes.

Files Changed

• src/loop/codex-app-server.ts (new)
• src/loop/main.ts
• src/loop/runner.ts
• src/loop/panel.ts
• src/loop/constants.ts
• README.md
• tests/loop/codex-app-server.test.ts
• tests/loop/runner.test.ts
• tests/loop/main.test.ts
• tests/loop/panel.test.ts

[gemini-code-assist]

Summary of Changes

Hello @axeldelafosse, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly upgrades the interaction with Codex by introducing a persistent app-server transport, moving away from a per-turn execution model. This change aims to enhance performance and stability. A critical aspect of this update is the built-in fallback to the older execution method, ensuring that the system remains functional even if the new app-server encounters compatibility problems. Additionally, the PR refines process management, improves the detection of Codex instances, and makes history parsing more robust, all contributing to a more reliable and user-friendly experience.

Highlights

• Codex App-Server Transport: Introduced a new transport path that reuses a 'codex app-server' process for turns, improving efficiency by maintaining a single session.
• Automatic Fallback Mechanism: Implemented automatic fallback to the legacy 'codex exec --json' method when the app-server transport encounters compatibility issues, ensuring robustness.
• Process Management and Cleanup: Ensured the app-server process is properly cleaned up when the CLI exits and improved signal handling (SIGINT/SIGTERM) to forward to both child workers and the app-server transport.
• Enhanced Codex Process Detection: Improved the panel's ability to detect Codex processes, accounting for new app-server wrapper and runtime patterns.
• Robust History Parsing: Hardened Codex history parsing by adding a fallback to top-level session metadata when expected payload fields are missing, making it more resilient to varied data structures.
• Configurable Transport Mode: Added support for the 'CODEX_TRANSPORT=app-server|exec' environment variable, allowing users to explicitly choose the Codex transport mode, with documentation in help messages and the README.
• Comprehensive Unit Testing: Added focused unit tests covering app-server protocol parsing, turn handling, runner fallback, signal behavior, and panel parsing changes to ensure reliability.

Changelog

• README.md
  • Documented the new CODEX_TRANSPORT environment variable and its usage for selecting Codex transport mode.
• src/loop.ts
  • Wrapped the main CLI execution in a try...finally block to ensure closeAppServer is called for proper cleanup.
• src/loop/codex-app-server.ts
  • Added a new file implementing the Codex app-server transport logic, including request/response handling, stream consumption, and error management.
  • Defined interfaces for JSON frames, pending requests, and turn states.
  • Implemented methods for starting, running turns, interrupting, and closing the app-server client.
  • Included utility functions for parsing JSON lines, extracting text, and identifying error types.
• src/loop/constants.ts
  • Updated the help message to include documentation for the CODEX_TRANSPORT environment variable.
• src/loop/main.ts
  • Introduced a stopMessage constant to standardize done signal messages.
  • Updated hasSignal calls to directly use the combined output string.
• src/loop/panel.ts
  • Added new helper functions (isNodeOrBunToken, isCodexBinaryToken, isCodexAppServerToken, tokenizeCommand, commandBinaryTokens, isCodexAppServerProcess, isCodexAppServerWrapper, isCodexEngine) for more accurate Codex process detection.
  • Refactored parseProcessList to utilize the new process detection logic, improving identification of Codex app-server instances and their wrappers.
  • Enhanced parseCodexHistoryRow to fall back to top-level session metadata (id, session, sessionId, cwd, type) when payload fields are missing, increasing parsing robustness.
• src/loop/runner.ts
  • Integrated the new codex-app-server module for Codex agent execution.
  • Modified signal handlers (onSigint, onSigterm) to also interrupt the app-server process.
  • Updated syncSignalHandlers to account for active app-server runs when determining if signal listeners are needed.
  • Introduced runCodexAgent to manage app-server transport, including starting the server, handling turns, and implementing fallback to runLegacyAgent on compatibility errors.
  • Refactored runAgent to dispatch to runCodexAgent for 'codex' agent type and runLegacyAgent for others.
  • Added appendParsedLine helper for consistent output formatting.
  • Implemented a fallbackWarned flag to prevent repetitive fallback messages.
• tests/loop/codex-app-server.test.ts
  • Added a new test file to thoroughly test the codex-app-server module's functionality.
  • Included tests for JSON parsing, text extraction, error handling, and the app-server's lifecycle (start, run turn, close).
  • Verified fallback behavior for unsupported methods and unexpected exits.
  • Tested handling of agent messages (camelCase and snake_case) and approval requests.
• tests/loop/main.test.ts
  • Updated test setup to restore mocks and correctly import createRunReview.
  • Added isTTY handling to a test to ensure proper terminal simulation.
• tests/loop/panel.test.ts
  • Added new tests for parseProcessList to verify correct detection and deduplication of various Codex app-server process patterns (e.g., direct, wrapped, node/bun invocations).
  • Added a test for parseCodexHistoryRow to confirm its fallback mechanism for missing payload data.
• tests/loop/runner.test.ts
  • Added a new test file for the runner module, focusing on the integration of the app-server transport.
  • Tested default app-server usage, explicit CODEX_TRANSPORT=exec fallback, and propagation of exit codes.
  • Verified that fallback to legacy mode occurs only once per process for compatibility errors.
  • Included tests for signal handling (SIGINT) and its effect on the app-server process.
• tests/loop/task.test.ts
  • Updated mocks to include hasSignal from src/loop/utils for accurate testing.

Activity

• The pull request introduces a new Codex app-server transport and associated fallback logic, along with improvements to process detection and history parsing. All changes were made by the author, axeldelafosse, and are reflected in the provided patches and description. No external review comments or specific activity beyond the initial commit and description are available in the provided context.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces a new codex app-server transport for improved performance and session reuse, with a robust fallback to the legacy codex exec transport. However, a security audit identified critical vulnerabilities: the automatic approval of commands generated by the LLM poses a Remote Code Execution risk, compounded by a high-severity prompt injection vulnerability that could allow malicious command generation. While the implementation includes comprehensive unit tests and clear documentation, and there is one minor suggestion for improving code clarity, addressing these security concerns is paramount.