Developer
Michael Bolin
mbolin@openai.com
Performance
Key patterns and highlights from this developer's activity.
Breakdown of growth, maintenance, and fixes effort over time.
Bugs introduced vs. fixed over time.
Reclassifies engineering effort based on bug attribution. Commits that introduced bugs are retrospectively counted as poor investments.
Investment Quality reclassifies engineering effort based on bug attribution data. Commits identified as buggy origins (those that introduced bugs later fixed by someone) have their grow and maintenance time moved into the Wasted Time category. Their waste (fix commits) remains counted as productive. All other commits retain their standard classification: grow is productive, maintenance is maintenance, and waste (fixes) is productive.
The standard model classifies commits as Growth, Maintenance, or Fixes. Investment Quality adds a quality lens: a commit that introduced a bug is retrospectively counted as a poor investment — the engineering time spent on it was wasted because it ultimately required additional fix work. Fix commits (Fixes in the standard model) are reframed as productive, because fixing bugs is valuable work.
Currently computed client-side from commit and bug attribution data. Ideal server-side endpoint:
POST /v1/organizations/{orgId}/investment-quality
Content-Type: application/json
Request:
{
"startTime": "2025-01-01T00:00:00Z",
"endTime": "2025-12-31T23:59:59Z",
"bucketSize": "BUCKET_SIZE_MONTH",
"groupBy": ["repository_id" | "deliverer_email"]
}
Response:
{
"productivePct": 74,
"maintenancePct": 18,
"wastedPct": 8,
"buckets": [
{
"bucketStart": "2025-01-01T00:00:00Z",
"productive": 4.2,
"maintenance": 1.8,
"wasted": 0.6
}
]
}Latest analyzed commits from this developer.
| Hash | Message | Date | Files |
|---|
Commit activity distribution by hour and day of week. Shows when this developer is most active.
Developers who frequently work on the same files and symbols. Higher score means stronger code collaboration.
| Effort |
|---|
| 9a8730f3 | This commit introduces a **new CI check** to enforce consistent **Cargo workspace settings** across all `codex-rs` crates. A Python script, `.github/scripts/verify_cargo_workspace_manifests.py`, is added to the CI pipeline (`.github/workflows/ci.yml`) to verify that `Cargo.toml` files correctly inherit `version`, `edition`, `license`, and `[lints] workspace = true` from the workspace root, and adhere to naming conventions. This **maintenance and code quality improvement** addresses a discrepancy where `cargo clippy` could miss lints caught by Bazel's clippy due to misconfigured workspace inheritance. Consequently, several `codex-rs` modules, including `app-server/tests/common`, `file-search`, `feedback`, `shell-escalation`, and `debug-client`, had their `Cargo.toml` files updated and newly exposed clippy violations fixed, ensuring a unified linting experience and preventing future configuration drift. | Mar 31 | 24 | maint |
| 04ec9ef8 | This commit provides a **bug fix** for **Windows-specific test failures** affecting the **external bearer token refresh mechanism**. It addresses an issue where embedded PowerShell scripts within tests in `codex-rs/login` and `codex-rs/core` would incorrectly parse tokens due to `Get-Content` returning a scalar instead of an array on Windows when `tokens.txt` had only one line. By wrapping `Get-Content -Path tokens.txt` in `@(...)`, the PowerShell scripts now consistently receive array semantics, ensuring correct token handling and **restoring reliability to bearer refresh tests** on Windows. This change specifically impacts the `auth_tests.rs`, `manager_tests.rs`, and `client.rs` test files. | Mar 31 | 3 | maint |
| 03b24655 | This commit provides a **bug fix** to resolve a **failing CI workflow** by addressing a clippy lint violation. Specifically, it adds `#[expect]` attributes to the `send_provider_auth_request` function within the **`codex-rs/core` testing suite** (`client.rs`) to suppress `expect_used` and `unwrap_used` warnings. This **maintenance** action temporarily aligns the project's linting status, allowing CI to pass while the underlying discrepancy between Cargo and Bazel clippy configurations is investigated. The change ensures the **test suite** remains functional and CI remains green. | Mar 31 | 1 | maint |
| 20f43c1e | This commit introduces **dynamic authentication token support** for **custom model providers** within the `core` module, enabling them to use short-lived bearer tokens generated by an external command. It adds a new `auth` configuration block under `model_providers.<id>` that specifies a command to execute for obtaining and refreshing tokens, addressing a limitation where only static credentials were supported. This **new capability** enhances flexibility for integrating enterprise model gateways by wiring the command-backed token generation through the existing `AuthManager` for `ModelClient` and `ModelsManager` requests, including initial `/models` endpoint calls. The change involves updates to the configuration schema, validation logic, and the authentication flow to ensure proper token management and prevent conflicts with other auth methods. | Mar 31 | 17 | maint |
| 00719688 | This commit introduces **external bearer token authentication** directly into the `AuthManager` within the **`codex-login`** module, centralizing the handling of provider-backed authentication. It adds a **new capability** for `AuthManager` to own the resolution and `401` recovery for these tokens, preventing the need for separate authentication abstractions in `codex-core`. This involves moving `ModelProviderAuthInfo` to `codex-protocol` for shared configuration and updating `app-server` to use the new `AuthManager` methods. The change is a **refactoring** that prepares the system for future provider integrations by ensuring all request tokens flow through a unified `AuthManager.auth()` interface, improving consistency and maintainability. | Mar 31 | 7 | grow |
| ea650a91 | This commit **refactors** the **external authentication subsystem** to generalize `ExternalAuthTokens` and `ExternalAuthRefresher`, moving beyond a ChatGPT-specific structure. `ExternalAuthTokens` now explicitly supports an `access_token` with optional `ExternalAuthChatgptMetadata`, and `ExternalAuthRefresher` gains a `resolve()` method for pre-request token resolution. This **generalization** enables first-class support for **bearer-only external authentication sources**, laying the groundwork for future provider-agnostic authentication. The **app-server bridge** is updated to construct the new token shape, while strictness for existing ChatGPT auth state persistence is maintained. | Mar 31 | 4 | maint |
| 19f0d196 | This commit **refactors** the **Windows CI pipeline** to execute the `argument-comment-lint` via **native Bazel aspects**, aligning it with the existing Linux and macOS setups. This **new capability** required significant **toolchain configuration** and **bug fixes** within the **Bazel build system** to support a mixed environment where execution-side helper binaries use `windows-msvc` while target crates are built with `windows-gnullvm`. Key changes involve extensive patching of `rules_rust` to correctly handle platform constraints, environment propagation, and `rustc-dev` artifacts, alongside tactical patches to `aws-lc-sys` to resolve Windows-specific build issues. The overall impact is a more robust and performant **Windows CI environment** and improved **Bazel/Rust integration** for complex, mixed toolchain scenarios. | Mar 30 | 19 | grow |
| 9313c49e | This commit **fixes critical gaps** in the **`argument-comment-lint` CI** by expanding its coverage and enforcing stricter rules. It introduces `tools/argument-comment-lint/list-bazel-targets.sh` to ensure Bazel-backed lint runs include `manual` `rust_test` targets, thereby covering inline unit tests within `codex-rs` modules. Furthermore, it **promotes `argument-comment-mismatch` and `uncommented-anonymous-literal-argument` lints to errors** across all strict entrypoints, including `lint_aspect.bzl` and `wrapper_common.py`, preventing previously allowed comment typos or omissions. This **maintenance and bug fix** effort significantly **improves code quality enforcement** for argument comments, affecting the **`codex-rs/linux-sandbox`** and **`codex-rs/core`** modules by fixing existing violations and preventing future ones. | Mar 30 | 12 | maint |
| 258ba436 | This commit performs a significant **refactoring** by **migrating shared discoverable tool models** from `codex-core` to the `codex-tools` crate. Specifically, types like `DiscoverableTool` and `DiscoverablePluginInfo`, along with the `filter_tool_suggest_discoverable_tools_for_client` function, are now defined in `codex-rs/tools/src/tool_discovery.rs`. This change centralizes the definitions for the **tool discovery and suggestion stack**, allowing `codex-core` modules such as `core/src/tools` and `core/src/plugins` to consume these types from `codex-tools` and eliminating the need for a duplicate `core/src/tools/discoverable.rs` module. The **architectural migration** improves modularity and consistency by establishing `codex-tools` as the single source of truth for these critical tool metadata structures. | Mar 30 | 17 | maint |
| 716f7b04 | This commit **refactors** and **migrates** the **tool discovery and suggestion spec building logic** from `codex-core` to the `codex-tools` crate. It moves the `tool_search` and `tool_suggest` spec builders, along with shared `DiscoverableToolAction` and `DiscoverableToolType` enums, into a new `codex-tools/src/tool_discovery.rs` module. This **decouples** the reusable spec construction from `codex-core`'s runtime state, allowing `core/src/tools/spec.rs` to focus solely on policy decisions regarding tool exposure. The `codex-core` module now delegates the actual spec building to the new `codex-tools` functions, enhancing modularity and clarifying responsibilities between the crates. This is a **maintenance** and **refactoring** effort to streamline the `codex-tools` migration. | Mar 30 | 9 | grow |
| af568afd | This commit performs a significant **architectural refactoring** by **migrating** several pure utility tool specifications from the `codex-core` crate to the `codex-tools` crate. It extracts definitions for **code-mode** (`exec`, `wait`), **JS REPL** (`js_repl`, `js_repl_reset`), **MCP resource** tools, and general **utility tools** (`list_dir`, `test_sync_tool`) into new, dedicated modules within `codex-tools`. This **decouples** `codex-core`'s `core/src/tools/spec.rs` from these low-coupling tool definitions, streamlining the core module and enhancing the overall modularity and maintainability of the project. The change also includes migrating corresponding tests and updating the `codex-rs/tools/README.md` to reflect the new ownership. | Mar 29 | 12 | grow |
| 7880414a | This commit performs a significant **refactoring** by **extracting pure tool specification builders** from `codex-core` into the `codex-tools` crate. Specifically, it moves the logic for constructing **collaboration tools** (e.g., `spawn_agent`, `send_message`), **user input tools** (`request_user_input`), and **agent job tools** (`spawn_agents_on_csv`) into new modules like `agent_tool.rs` and `agent_job_tool.rs` within `codex-tools`. This improves **crate boundary honesty** and reduces the passive tool-spec logic within `codex-core`, which now primarily acts as a consumer of these externalized builders. The change enhances the modularity and focus of both crates, with `codex-core`'s `spec.rs` now calling the externalized functions and all related tests and documentation updated. | Mar 29 | 10 | grow |
| 4e119a3b | This commit performs a significant **refactoring** by **extracting local-host tool specification builders** from the `codex-core` crate into the `codex-tools` crate. Specifically, pure, session-independent builders for tools such as `exec_command`, `write_stdin`, `shell`, `shell_command`, `request_permissions`, and `view_image` are moved into new modules like `codex-rs/tools/src/local_tool.rs` and `codex-rs/tools/src/view_image.rs`. This change **improves modularity** by making `codex-core` responsible only for feature gating and runtime-coupled descriptions, while `codex-tools` now centrally manages the reusable tool shape construction. The `codex-rs/core/src/tools/spec.rs` module is rewired to consume these new external builders, and corresponding tests are relocated, enhancing the separation of concerns and maintainability across the project. | Mar 28 | 8 | maint |
| f7ef9599 | This commit **improves the reliability and hermeticity** of the **`codex-exec` module's review policy tests**. It modifies the `thread_start_params_*review_policy*` tests in `codex-rs/exec/src/lib.rs` to explicitly set the `approvals_reviewer` via `harness_overrides`. This **test maintenance** change removes reliance on ambient system or managed configuration layers, which previously caused non-hermetic behavior and potential test failures due to unexpected `approvals_reviewer` overrides. The update ensures that the tests accurately validate the `thread_start_params_from_config()` function's logic for forwarding the effective reviewer, preventing future flaky results. | Mar 28 | 1 | maint |
| a16a9109 | This commit **improves the reliability and performance** of the **`rust-ci-full` CI workflow** by enabling BuildBuddy for its non-Windows `argument-comment-lint` jobs. It **resolves persistent timeouts** on Linux and macOS platforms by passing the `BUILDBUDDY_API_KEY` to these Bazel steps, allowing them to utilize remote caching. This **CI maintenance** update ensures these critical lint checks complete successfully within their time limits, aligning `rust-ci-full.yml` with the faster execution path already present in `rust-ci.yml`. The change specifically targets the `.github/workflows/rust-ci-full.yml` configuration. | Mar 28 | 1 | maint |
| 2238c16a | This commit performs a significant **refactoring** by **extracting** the **code mode tool specification adapter logic** from the `codex-core` crate into the `codex-tools` crate. Functions such as `augment_tool_spec_for_code_mode` and `tool_spec_to_code_mode_tool_definition` are now located in `codex-rs/tools/src/code_mode.rs`, accompanied by dedicated unit tests. This **architectural migration** reduces coupling within **`codex-core`** by externalizing pure tool-definition plumbing, making **`codex-tools`** responsible for code mode tool specification and introducing a new dependency on `codex-code-mode`. Consequently, `codex-core`'s tool processing modules, including `core/src/tools/spec.rs` and `core/src/tools/code_mode/mod.rs`, are rewired to utilize these newly externalized adapters, enhancing modularity and maintainability. | Mar 28 | 11 | maint |
| c25c0d6e | This commit **fixes a race condition** in the **plugin manager**'s curated plugin cache refresh logic, specifically within `codex-rs/core/src/plugins/manager.rs`. It ensures that the `start_curated_repo_sync` task, executed during app-server startup, always reads the *latest* user configuration from `config.toml` before refreshing the cache. This prevents stale on-disk caches by avoiding the re-creation of cache directories for curated plugins that were recently uninstalled via `plugin/list` operations. The change also refactors plugin configuration parsing for improved reusability and includes a **regression test** in `codex-rs/core/src/plugins/manager_tests.rs` to verify the correct behavior. | Mar 28 | 2 | waste |
| 313fb959 | This commit **fixes a regression** in the **`rust-ci-full` CI workflow** by restoring the Windows-specific `argument-comment-lint` setup, which was failing due to Bazel `process_wrapper` issues. It re-enables the nightly toolchain and routes Windows runners through `tools/argument-comment-lint/run-prebuilt-linter.py`, while limiting Bazel-backed linting to non-Windows platforms. This **maintenance** ensures the **Windows Rust CI pipeline** remains functional for linting until native Bazel support is repaired. | Mar 28 | 1 | maint |
| 4e27a87e | This commit performs a significant **refactoring** by **migrating** the `ConfiguredToolSpec` data structure and the `create_tools_json_for_responses_api()` serialization helper from the **`codex-core`** crate to the **`codex-tools`** crate. This move **decouples** passive tool-definition logic from `codex-core`, centralizing tool-related data models within **`codex-tools`** and reducing `codex-core`'s responsibility for serialization details. Consequently, various modules within **`codex-core`**, including `client.rs`, `tools/registry.rs`, and `tools/router.rs`, were updated to consume these types from their new location, alongside corresponding test updates and documentation in `codex-tools/README.md`. This **code migration** improves the modularity and separation of concerns within the tooling infrastructure, with no functional changes to the application's behavior. | Mar 28 | 9 | maint |
| ae8a3be9 | This commit **fixes a critical build failure** in the **Bazel build system** for macOS. It **updates the expired macOS SDK pin** in `MODULE.bazel`, which was causing `403 Forbidden` errors when fetching the `@macos_sdk` external repository. By refreshing the `urls`, `sha256`, and `strip_prefix` to a new Apple CDN object, this **maintenance change** ensures that macOS builds can successfully resolve and download the required SDK, **restoring build stability**. | Mar 28 | 1 | waste |
This commit introduces a **new CI check** to enforce consistent **Cargo workspace settings** across all `codex-rs` crates. A Python script, `.github/scripts/verify_cargo_workspace_manifests.py`, is added to the CI pipeline (`.github/workflows/ci.yml`) to verify that `Cargo.toml` files correctly inherit `version`, `edition`, `license`, and `[lints] workspace = true` from the workspace root, and adhere to naming conventions. This **maintenance and code quality improvement** addresses a discrepancy where `cargo clippy` could miss lints caught by Bazel's clippy due to misconfigured workspace inheritance. Consequently, several `codex-rs` modules, including `app-server/tests/common`, `file-search`, `feedback`, `shell-escalation`, and `debug-client`, had their `Cargo.toml` files updated and newly exposed clippy violations fixed, ensuring a unified linting experience and preventing future configuration drift.
This commit provides a **bug fix** for **Windows-specific test failures** affecting the **external bearer token refresh mechanism**. It addresses an issue where embedded PowerShell scripts within tests in `codex-rs/login` and `codex-rs/core` would incorrectly parse tokens due to `Get-Content` returning a scalar instead of an array on Windows when `tokens.txt` had only one line. By wrapping `Get-Content -Path tokens.txt` in `@(...)`, the PowerShell scripts now consistently receive array semantics, ensuring correct token handling and **restoring reliability to bearer refresh tests** on Windows. This change specifically impacts the `auth_tests.rs`, `manager_tests.rs`, and `client.rs` test files.
This commit provides a **bug fix** to resolve a **failing CI workflow** by addressing a clippy lint violation. Specifically, it adds `#[expect]` attributes to the `send_provider_auth_request` function within the **`codex-rs/core` testing suite** (`client.rs`) to suppress `expect_used` and `unwrap_used` warnings. This **maintenance** action temporarily aligns the project's linting status, allowing CI to pass while the underlying discrepancy between Cargo and Bazel clippy configurations is investigated. The change ensures the **test suite** remains functional and CI remains green.
This commit introduces **dynamic authentication token support** for **custom model providers** within the `core` module, enabling them to use short-lived bearer tokens generated by an external command. It adds a new `auth` configuration block under `model_providers.<id>` that specifies a command to execute for obtaining and refreshing tokens, addressing a limitation where only static credentials were supported. This **new capability** enhances flexibility for integrating enterprise model gateways by wiring the command-backed token generation through the existing `AuthManager` for `ModelClient` and `ModelsManager` requests, including initial `/models` endpoint calls. The change involves updates to the configuration schema, validation logic, and the authentication flow to ensure proper token management and prevent conflicts with other auth methods.
This commit introduces **external bearer token authentication** directly into the `AuthManager` within the **`codex-login`** module, centralizing the handling of provider-backed authentication. It adds a **new capability** for `AuthManager` to own the resolution and `401` recovery for these tokens, preventing the need for separate authentication abstractions in `codex-core`. This involves moving `ModelProviderAuthInfo` to `codex-protocol` for shared configuration and updating `app-server` to use the new `AuthManager` methods. The change is a **refactoring** that prepares the system for future provider integrations by ensuring all request tokens flow through a unified `AuthManager.auth()` interface, improving consistency and maintainability.
This commit **refactors** the **external authentication subsystem** to generalize `ExternalAuthTokens` and `ExternalAuthRefresher`, moving beyond a ChatGPT-specific structure. `ExternalAuthTokens` now explicitly supports an `access_token` with optional `ExternalAuthChatgptMetadata`, and `ExternalAuthRefresher` gains a `resolve()` method for pre-request token resolution. This **generalization** enables first-class support for **bearer-only external authentication sources**, laying the groundwork for future provider-agnostic authentication. The **app-server bridge** is updated to construct the new token shape, while strictness for existing ChatGPT auth state persistence is maintained.
This commit **refactors** the **Windows CI pipeline** to execute the `argument-comment-lint` via **native Bazel aspects**, aligning it with the existing Linux and macOS setups. This **new capability** required significant **toolchain configuration** and **bug fixes** within the **Bazel build system** to support a mixed environment where execution-side helper binaries use `windows-msvc` while target crates are built with `windows-gnullvm`. Key changes involve extensive patching of `rules_rust` to correctly handle platform constraints, environment propagation, and `rustc-dev` artifacts, alongside tactical patches to `aws-lc-sys` to resolve Windows-specific build issues. The overall impact is a more robust and performant **Windows CI environment** and improved **Bazel/Rust integration** for complex, mixed toolchain scenarios.
This commit **fixes critical gaps** in the **`argument-comment-lint` CI** by expanding its coverage and enforcing stricter rules. It introduces `tools/argument-comment-lint/list-bazel-targets.sh` to ensure Bazel-backed lint runs include `manual` `rust_test` targets, thereby covering inline unit tests within `codex-rs` modules. Furthermore, it **promotes `argument-comment-mismatch` and `uncommented-anonymous-literal-argument` lints to errors** across all strict entrypoints, including `lint_aspect.bzl` and `wrapper_common.py`, preventing previously allowed comment typos or omissions. This **maintenance and bug fix** effort significantly **improves code quality enforcement** for argument comments, affecting the **`codex-rs/linux-sandbox`** and **`codex-rs/core`** modules by fixing existing violations and preventing future ones.
This commit performs a significant **refactoring** by **migrating shared discoverable tool models** from `codex-core` to the `codex-tools` crate. Specifically, types like `DiscoverableTool` and `DiscoverablePluginInfo`, along with the `filter_tool_suggest_discoverable_tools_for_client` function, are now defined in `codex-rs/tools/src/tool_discovery.rs`. This change centralizes the definitions for the **tool discovery and suggestion stack**, allowing `codex-core` modules such as `core/src/tools` and `core/src/plugins` to consume these types from `codex-tools` and eliminating the need for a duplicate `core/src/tools/discoverable.rs` module. The **architectural migration** improves modularity and consistency by establishing `codex-tools` as the single source of truth for these critical tool metadata structures.
This commit **refactors** and **migrates** the **tool discovery and suggestion spec building logic** from `codex-core` to the `codex-tools` crate. It moves the `tool_search` and `tool_suggest` spec builders, along with shared `DiscoverableToolAction` and `DiscoverableToolType` enums, into a new `codex-tools/src/tool_discovery.rs` module. This **decouples** the reusable spec construction from `codex-core`'s runtime state, allowing `core/src/tools/spec.rs` to focus solely on policy decisions regarding tool exposure. The `codex-core` module now delegates the actual spec building to the new `codex-tools` functions, enhancing modularity and clarifying responsibilities between the crates. This is a **maintenance** and **refactoring** effort to streamline the `codex-tools` migration.
This commit performs a significant **architectural refactoring** by **migrating** several pure utility tool specifications from the `codex-core` crate to the `codex-tools` crate. It extracts definitions for **code-mode** (`exec`, `wait`), **JS REPL** (`js_repl`, `js_repl_reset`), **MCP resource** tools, and general **utility tools** (`list_dir`, `test_sync_tool`) into new, dedicated modules within `codex-tools`. This **decouples** `codex-core`'s `core/src/tools/spec.rs` from these low-coupling tool definitions, streamlining the core module and enhancing the overall modularity and maintainability of the project. The change also includes migrating corresponding tests and updating the `codex-rs/tools/README.md` to reflect the new ownership.
This commit performs a significant **refactoring** by **extracting pure tool specification builders** from `codex-core` into the `codex-tools` crate. Specifically, it moves the logic for constructing **collaboration tools** (e.g., `spawn_agent`, `send_message`), **user input tools** (`request_user_input`), and **agent job tools** (`spawn_agents_on_csv`) into new modules like `agent_tool.rs` and `agent_job_tool.rs` within `codex-tools`. This improves **crate boundary honesty** and reduces the passive tool-spec logic within `codex-core`, which now primarily acts as a consumer of these externalized builders. The change enhances the modularity and focus of both crates, with `codex-core`'s `spec.rs` now calling the externalized functions and all related tests and documentation updated.
This commit performs a significant **refactoring** by **extracting local-host tool specification builders** from the `codex-core` crate into the `codex-tools` crate. Specifically, pure, session-independent builders for tools such as `exec_command`, `write_stdin`, `shell`, `shell_command`, `request_permissions`, and `view_image` are moved into new modules like `codex-rs/tools/src/local_tool.rs` and `codex-rs/tools/src/view_image.rs`. This change **improves modularity** by making `codex-core` responsible only for feature gating and runtime-coupled descriptions, while `codex-tools` now centrally manages the reusable tool shape construction. The `codex-rs/core/src/tools/spec.rs` module is rewired to consume these new external builders, and corresponding tests are relocated, enhancing the separation of concerns and maintainability across the project.
This commit **improves the reliability and hermeticity** of the **`codex-exec` module's review policy tests**. It modifies the `thread_start_params_*review_policy*` tests in `codex-rs/exec/src/lib.rs` to explicitly set the `approvals_reviewer` via `harness_overrides`. This **test maintenance** change removes reliance on ambient system or managed configuration layers, which previously caused non-hermetic behavior and potential test failures due to unexpected `approvals_reviewer` overrides. The update ensures that the tests accurately validate the `thread_start_params_from_config()` function's logic for forwarding the effective reviewer, preventing future flaky results.
This commit **improves the reliability and performance** of the **`rust-ci-full` CI workflow** by enabling BuildBuddy for its non-Windows `argument-comment-lint` jobs. It **resolves persistent timeouts** on Linux and macOS platforms by passing the `BUILDBUDDY_API_KEY` to these Bazel steps, allowing them to utilize remote caching. This **CI maintenance** update ensures these critical lint checks complete successfully within their time limits, aligning `rust-ci-full.yml` with the faster execution path already present in `rust-ci.yml`. The change specifically targets the `.github/workflows/rust-ci-full.yml` configuration.
This commit performs a significant **refactoring** by **extracting** the **code mode tool specification adapter logic** from the `codex-core` crate into the `codex-tools` crate. Functions such as `augment_tool_spec_for_code_mode` and `tool_spec_to_code_mode_tool_definition` are now located in `codex-rs/tools/src/code_mode.rs`, accompanied by dedicated unit tests. This **architectural migration** reduces coupling within **`codex-core`** by externalizing pure tool-definition plumbing, making **`codex-tools`** responsible for code mode tool specification and introducing a new dependency on `codex-code-mode`. Consequently, `codex-core`'s tool processing modules, including `core/src/tools/spec.rs` and `core/src/tools/code_mode/mod.rs`, are rewired to utilize these newly externalized adapters, enhancing modularity and maintainability.
This commit **fixes a race condition** in the **plugin manager**'s curated plugin cache refresh logic, specifically within `codex-rs/core/src/plugins/manager.rs`. It ensures that the `start_curated_repo_sync` task, executed during app-server startup, always reads the *latest* user configuration from `config.toml` before refreshing the cache. This prevents stale on-disk caches by avoiding the re-creation of cache directories for curated plugins that were recently uninstalled via `plugin/list` operations. The change also refactors plugin configuration parsing for improved reusability and includes a **regression test** in `codex-rs/core/src/plugins/manager_tests.rs` to verify the correct behavior.
This commit **fixes a regression** in the **`rust-ci-full` CI workflow** by restoring the Windows-specific `argument-comment-lint` setup, which was failing due to Bazel `process_wrapper` issues. It re-enables the nightly toolchain and routes Windows runners through `tools/argument-comment-lint/run-prebuilt-linter.py`, while limiting Bazel-backed linting to non-Windows platforms. This **maintenance** ensures the **Windows Rust CI pipeline** remains functional for linting until native Bazel support is repaired.
This commit performs a significant **refactoring** by **migrating** the `ConfiguredToolSpec` data structure and the `create_tools_json_for_responses_api()` serialization helper from the **`codex-core`** crate to the **`codex-tools`** crate. This move **decouples** passive tool-definition logic from `codex-core`, centralizing tool-related data models within **`codex-tools`** and reducing `codex-core`'s responsibility for serialization details. Consequently, various modules within **`codex-core`**, including `client.rs`, `tools/registry.rs`, and `tools/router.rs`, were updated to consume these types from their new location, alongside corresponding test updates and documentation in `codex-tools/README.md`. This **code migration** improves the modularity and separation of concerns within the tooling infrastructure, with no functional changes to the application's behavior.
This commit **fixes a critical build failure** in the **Bazel build system** for macOS. It **updates the expired macOS SDK pin** in `MODULE.bazel`, which was causing `403 Forbidden` errors when fetching the `@macos_sdk` external repository. By refreshing the `urls`, `sha256`, and `strip_prefix` to a new Apple CDN object, this **maintenance change** ensures that macOS builds can successfully resolve and download the required SDK, **restoring build stability**.