sayan-oai

This commit introduces a **new capability** for **plugin configuration**, allowing the `defaultPrompt` field to be an array of strings instead of a single string. It updates the **protocol schemas**, **TypeScript type definitions**, and **Rust data structures** across `app-server-protocol` to reflect this change. Crucially, it maintains **backward compatibility** for existing plugins that still use a single string for `defaultPrompt`. The `core` module's plugin manifest parsing logic (`core/src/plugins/manifest.rs`) now handles the array type, enforcing limits of up to three entries, each capped at 128 characters, with graceful degradation for invalid inputs. This **feature enhancement** provides greater flexibility for plugin developers while ensuring robust handling by the app-server.

Refresh Python SDK generated types (#14646)

This commit **refactors** the presentation of `Apps`, `Skills`, and `Plugins` instructions within the `codex-rs` system. It **moves these capability instructions from the `user_instructions` section into the `developer message`**, reordering them to `Apps -> Skills -> Plugins` for improved clarity and logical flow. Crucially, these sections are now **wrapped in stable XML-style instruction tags** (e.g., `<apps_md>...</apps_md>`), which enhances test stability by enabling programmatic parsing of the prompt structure. This change impacts the core **prompt generation logic** in `codex-rs/core`, requiring updates to `codex-rs/protocol` for new constants and extensive **snapshot test updates** to reflect the new message structure.

This commit **enhances the clarity and detail of model instructions** by improving how **plugin and application information** is conveyed to the model. It introduces **new functionality** within the `codex-rs/core/src/plugins` module to **sanitize and truncate plugin descriptions** for prompt safety, and then incorporates these descriptions, along with guidance on skill naming conventions (e.g., `plugin_name:`), into the rendered `## Plugins` section. Additionally, it **clarifies existing copy** regarding app mentions in user messages and the provision of tools via `codex_apps` MCP. This **feature enhancement and clarification effort** primarily impacts the **instruction generation subsystem**, providing more comprehensive and precise context to the model.

This commit introduces **default policies** for **plugin installation and authorization**, standardizing behavior across the **Codex plugin ecosystem**. It sets `installPolicy` to `AVAILABLE` and `authPolicy` to `ON_INSTALL` by default when these are not explicitly defined in a plugin's `marketplace.json`. This **refactoring** involves updating **JSON schemas**, **TypeScript types**, and **Rust protocol definitions** to make these policy fields non-optional, ensuring that plugins are always available for manual installation and their connectors are authorized upon installation. The **application server logic** and **core plugin management** have been adjusted to accommodate these new defaults, along with comprehensive **test updates**. This change simplifies plugin integration by providing consistent default behavior for all plugins.

This commit introduces **new policy and categorization metadata** for plugins within the **marketplace configuration**. It adds `installPolicy`, `authPolicy`, and `category` fields to all plugin definitions in the `.agents/plugins/marketplace.json` file. This **feature enhancement** sets a default `AVAILABLE` install policy and an `ON_INSTALL` authentication policy for all existing plugins, establishing foundational controls for plugin management and security. The change impacts the **plugin management system**, enabling future granular control over how plugins are installed and authenticated.

This commit **enhances the plugin management system** by wiring through **plugin installation and authentication policies** (`installPolicy`, `authPolicy`) and **categories** from `marketplace.json` to the `app-server` endpoints. Specifically, the `plugin/list` endpoint now includes these policies and categories in plugin summaries, while the `plugin/install` endpoint now enforces the `NOT_AVAILABLE` `installPolicy` to prevent installation of unavailable plugins. This **new capability** involves **updating the `app-server-protocol` schemas** for `PluginListResponse` and `PluginInstallResponse` and modifying the `codex_message_processor` to handle these new metadata fields and enforce policies. The `core/src/plugins` module was updated to manage and resolve these policies, providing more granular control and information regarding plugin availability and usage. New tests were added to validate the policy enforcement and metadata propagation.

This commit introduces a **feature enhancement** to the **TUI chat composer**, specifically improving the display order of mention suggestions. It **prioritizes plugin mentions** to appear before other types, such as apps and skills, within the suggestion menu. This is achieved by adding a `sort_rank` field to the `MentionItem` struct in `codex-rs/tui/src/bottom_pane/skill_popup.rs` and assigning appropriate ranks to different mention types in `codex-rs/tui/src/bottom_pane/chat_composer.rs`. The change directly impacts the user experience by making plugin suggestions more prominent and accessible, with updated snapshot tests confirming the new sorting logic.

This commit **enhances the user experience** within the **TUI's `$`-mention popup menu** by standardizing the display of item categories. It introduces **consistent prefix category tags** such as `[Skill]`, `[App]`, or `[Plugin]` for all mentionable items, resolving previous issues with ambiguous, conditional, or truncated suffix tags. This **UI/UX improvement** primarily affects the **chat composer** and **skill popup rendering** logic in `codex-rs/tui/src/bottom_pane/`, ensuring users can quickly and clearly identify the type of item they are selecting. The change provides better at-a-glance clarity and consistency across the interface.

This commit introduces a **new capability** by implementing the `plugin/uninstall` endpoint in the **App Server**, allowing for programmatic uninstallation of plugins. This functionality leverages the **core plugin management logic** to fully remove plugin files from the cache directory and update the user's configuration. The **client-server protocol** has been extended with new JSON schemas and TypeScript/Rust types for the `PluginUninstallParams` and `PluginUninstallResponse`. Comprehensive **tests** have been added to validate the endpoint's behavior, confirming that uninstalls are session-scoped and take effect upon a new session.

This commit **refactors** the **mention syntax** within `codex-rs/core` to standardize the use of `@plugin` instead of `$plugin` for plaintext plugin mentions. It introduces new constants like `PLUGIN_TEXT_MENTION_SIGIL` and `TOOL_MENTION_SIGIL` to explicitly define and differentiate between plugin and tool mention sigils. The core **mention collection logic** is updated to correctly parse these new sigils, and the **`codex-rs/tui`** module's **history decoding** is enhanced to accurately interpret and display mentions using the updated syntax. This change improves consistency and clarity in how mentions are handled across the application, particularly impacting the display of historical chat interactions in the TUI.

This commit introduces **structured parsing for plugin mentions**, transitioning from plain-text `@display_name` to a consistent `plugin://...` URI scheme and `UserInput::Mention` type. The **Core** module now processes these structured mentions, while the **TUI** gains comprehensive support including autocomplete, popups, and visual chips for plugins in the chat composer, aligning their interaction with existing app and skill mentions. This **new capability** significantly enhances the user experience for interacting with plugins, making them more discoverable and manageable through a standardized interface. It also generalizes the underlying mention parsing logic and adds a `description` field to plugin manifests, improving information available to users and laying groundwork for richer integration.

This commit introduces a **new capability** to the **`plugin/install` API endpoint**, enabling it to identify and report applications that require authentication after a plugin has been installed. The **`app-server-protocol`** is updated with a new `AppSummary` schema and the `PluginInstallResponse` now includes an `appsNeedingAuth` field. The **`app-server`** implements the logic to populate this field by checking the authentication status of installed apps, leveraging an extracted `load_plugin_apps` utility from the **`core` plugin management module**. This enhancement allows client applications to proactively trigger authentication workflows, significantly improving the **user experience during plugin installation**.

This commit introduces the **new capability** of **explicit `@plugin` mentions**, allowing users to directly reference plugins in their input. It modifies the **core logic** to parse these mentions and inject the plugin's MCP servers, app names, and skill format into the turn context as a developer message, significantly enhancing the **AI model's understanding** of available tools. Furthermore, **tool descriptions** are now annotated with their originating plugins, providing crucial provenance information to improve **implicit invocation**. This change also updates **app server protocols** and various **connectors** to support the new `pluginDisplayNames` field, laying the groundwork for future UI integration.

This commit introduces a **new capability** to manage and communicate models' web search capabilities, specifically regarding **image content support**. It adds a `web_search_tool_type` field to the `ModelInfo` structure, defined in `codex-rs/protocol`, which the backend will use to specify if a model can handle images during web searches. This new field is integrated into the `codex-rs/core` module's `ToolsConfig` to dynamically set `search_content_types` for the `WebSearch` tool, ensuring that only appropriate models are utilized. This enhancement to the **model management** and **tool specification** subsystems allows for accurate filtering of models based on their web search capabilities, improving the overall user experience.

This commit introduces a **new capability** to the **Codex core** by enhancing **plugin management** and **user instructions**. It now tracks `PluginCapabilitySummary` for enabled plugins, summarizing their contained skills, apps, and mcps within `PluginLoadOutcome` in `codex-rs/core/src/plugins/manager.rs`. As a result, a new `Plugins` section is injected into the `user_instructions` at session start, informing users about the plugin concept and listing currently enabled plugins. This change, primarily affecting the `start_session` flow and `get_user_instructions` in `codex-rs/core/src/project_doc.rs`, provides foundational visibility into available plugins, with more detailed information to be added in future updates.

This commit introduces a **new capability** to load and manage applications defined within plugins, enabling them to be **runtime-mentionable** and expose tools. It modifies the **plugin management system** to parse `.app.json` files and integrates this new app merging logic into the **core connector handling** and **ChatGPT connector listing**. Plugin-provided applications are dynamically filtered if their associated `connector_id` is not exposed, ensuring only available tools are added. This significantly enhances the extensibility of the platform by allowing plugins to bundle and expose their own applications, with comprehensive tests added to verify correct tool exposure.

This commit performs a **maintenance chore** by **removing the `--all-features` flag** from the `rust-analyzer` invocation. This change specifically impacts the **development environment's `rust-analyzer` integration**, particularly when it runs on save. The primary goal is to **prevent excessive disk space bloat** within the `target/` directory, thereby optimizing resource usage for developers. This action refines previous work related to `rust-analyzer` setup, ensuring a more efficient local development experience.

This commit introduces a **new debug capability** by adding the `codex debug clear-memories` command to the **CLI**. This command enables developers to **hard-wipe all memory state** from disk and the SQLite database, providing a clean slate for the **memory management subsystem**. It also ensures that existing threads are marked with `memory_mode=disabled` to prevent unintended resummarization upon re-enabling the `memories` feature. This **maintenance tool** significantly aids in **development and testing workflows** by offering a comprehensive way to reset memory data. The core logic is implemented via the new `reset_memory_data_for_fresh_start` function in `codex-rs/state/src/runtime/memories.rs`.

This commit **enables visibility** of the `gpt-5.3-codex` model for **API users** by updating its status in the `models.json` configuration. Specifically, the `codex-rs/core/models.json` file is modified to change the `gpt-5.3-codex` model's visibility from 'hide' to 'list', making it accessible via the API. Related **test suites** in `codex-rs/app-server` and `codex-rs/core` were adjusted, including refactoring model list pagination tests and introducing a new helper for default model slugs. Additionally, the **TUI model selection snapshot** in `codex-rs/tui` was updated to reflect the newly available model and reordered list. This work constitutes a **feature enablement** and **configuration update** to integrate the recently released `gpt-5.3-codex` model into the system.