Skip to content

fix(codex): align adapter with current docs + cross-vendor install propagation#47

Merged
RealZST merged 4 commits into
mainfrom
fix/codex-comprehensive
May 9, 2026
Merged

fix(codex): align adapter with current docs + cross-vendor install propagation#47
RealZST merged 4 commits into
mainfrom
fix/codex-comprehensive

Conversation

@RealZST
Copy link
Copy Markdown
Owner

@RealZST RealZST commented May 9, 2026
edited
Loading

Summary

Comprehensive Codex adapter audit driven by issue #22 point 5b ("Codex full extension installation support"). Cross-checked HK's adapter against Codex's current published docs and rust-v0.130.0 source code; fixed multiple alignment gaps and one user-visible installation correctness bug along the way.

What changed

Commit Area Why it matters
5eb723d fix(codex) adapter paths (skills, memories, project hooks, doc fallback) HK was missing ~/.agents/skills as canonical user-skill path, missing project-level <repo>/.codex/hooks.json discovery, hardcoding only 2 of Codex's 4 default rule-doc filenames, and at risk of silently scanning the privacy-sensitive Chronicle directory.
3f62df8 fix(codex) [features].hooks flag rename + duplicate-section bug Codex deprecated codex_hooks in favor of hooks. Old string-append also produced duplicate [features] sections that TOML rejects on re-parse. Refactored to parse-modify-serialize.
b0fab1e fix cross-vendor sibling install_meta propagation When installing to ~/.agents/skills/ (a directory Codex/Gemini/Cursor/Copilot/OpenCode all scan per their docs), only the explicit target's row got install_meta. Marketplace's URL-based "installed?" check then falsely showed siblings as not installed. Now propagates to every adapter that scans the install dir. Also collapses duplicate sibling-propagation logic that existed in install_to_agent and post_install_sync.
4565f7a feat(ui) Codex hook trust reminder banner Codex 0.129+ requires the user to trust each hook via codex /hooks before it executes. Static reminder banner shown in the detail panel when a hook has Codex in its agent list. Deliberately not detecting actual trust state — Codex's hash recipe and hook-key format are explicitly flagged as churn-prone in upstream source.

Verification

  • cargo test --workspace — 400 tests pass (15 new across the four commits)
  • cargo clippy --workspace --all-targets -- -D warnings clean
  • npm run lint and npx tsc --noEmit clean
  • Manual smoke (all on a real machine with Codex CLI 0.130.0):
    • Marketplace install to Codex lands at ~/.agents/skills/<name>/SKILL.md
    • Marketplace install to Codex now correctly marks all 5 cross-vendor siblings as installed (Codex / Gemini CLI / Cursor / Copilot / OpenCode)
    • Hook install writes [features].hooks = true (not deprecated codex_hooks); merges into a preexisting [features] table without producing a duplicate section
    • Project rule files scanning surfaces all 4 default fallback filenames at <project_root>/: AGENTS.override.md, AGENTS.md, TEAM_GUIDE.md, .agents.md
    • <project>/.codex/hooks.json discovered as a project-scoped hook
    • Codex hook trust banner persists in detail panel for any hook where Codex is in agents

Out of scope (deferred)

  • Full hook trust state UI (Trusted / Modified / Untrusted badges). Requires replicating Codex's hash algorithm; upstream marks the recipe as churn-prone. The static banner here covers 95% of the user need (post-install reminder to trust).
  • ~/.codex/.agents/skills walk into nested subdirectories for monorepos. Existing HK convention of scanning at the project root only matches HK's project-MCP behavior. No issue reports.
  • Codex's per-skill [[skills.config]] enabled = false native disable mechanism. Cross-cutting design issue tracked alongside MCP per-agent state in `project_mcp_per_agent_native_state_roadmap.md`.

Refs #22 (point 5b).

🤖 Generated with Claude Code

RealZST and others added 4 commits May 9, 2026 20:57
@RealZST @claude
fix(codex): align adapter paths with current Codex docs
5eb723d 
Multiple corrections to the Codex adapter, all driven by triaging
issue #22 item 5 (Codex extension support):

- skill_dirs: scan canonical ~/.agents/skills first; keep ~/.codex/skills
  as deprecated-but-functional fallback per Codex's own loader source
  comment at v0.130.0.
- global_memory_files: defensive comment forbidding any future extension
  to scan ~/.codex/memories_extensions/chronicle/. Chronicle stores
  unencrypted OCR'd screen content; surfacing it would be a privacy
  footgun even though the files are technically readable.
- project_hook_config_relpath: implement (.codex/hooks.json). The
  trait + scanner already supported project-level hook discovery for
  Claude/Cursor/Windsurf; only Codex was missing the override.
- Rules file fallback: read project_doc_fallback_filenames from
  ~/.codex/config.toml (defaults to AGENTS.override.md, AGENTS.md,
  TEAM_GUIDE.md, .agents.md per Codex docs) and feed it into both
  global_rules_files and project_rules_patterns. Empty/malformed
  configs fall through to the default list. Empty strings filtered
  to avoid base_dir().join("") footgun.

Tests added: 7 doc_fallback cases + 1 scanner regression test for
project Codex hook discovery.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@RealZST @claude
fix(codex): rename hooks feature flag to [features].hooks
3f62df8 
Codex deprecated `[features] codex_hooks = true` in favor of
`[features] hooks = true` (user observed deprecation warning on CLI
0.130.0). Update ensure_codex_hooks_enabled to:

- write the new flag name on first install
- skip rewriting if either form is already present (Codex still
  honors `codex_hooks` with a deprecation warning, so we don't
  editorialize)

Refactored from string-append to parse-modify-serialize, mirroring
the existing set_codex_plugin_enabled pattern. Old approach had two
real bugs that this rewrite fixes:

- duplicate [features] section: when the user already had
  [features] (e.g. memories = true) without our flag, the old
  string-append wrote a second [features] block, which TOML rejects
  on re-parse and Codex would refuse to load.
- substring false-positive: contains("codex_hooks") matched the
  literal string anywhere in the file (including comments). The
  TOML-parsing version only inspects the actual table.

Corrupted-TOML reads now surface as ConfigCorrupted instead of
silently appending and producing a worse-broken file.

Added 5 unit tests covering: missing config, canonical flag present,
deprecated flag present, preexisting [features] table without our
flag, and corrupted TOML.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@RealZST @claude
fix: propagate install_meta to cross-vendor sibling extensions
b0fab1e 
When a skill is installed to a directory that multiple detected
adapters scan (e.g. ~/.agents/skills/ is scanned by Codex, Gemini CLI,
Cursor, Copilot, and OpenCode at user-global scope per their official
docs), every other adapter's row produced by the next scan_all lacks
install_meta. The Marketplace's URL-based "is this installed?" check
keys on install_meta.url, so it falsely showed all those siblings as
not installed even though the file was on disk and would be picked up
by their next runtime scan.

Fix: in post_install_sync, after the existing per-target write, find
every other detected adapter whose skill_dir for the install scope
equals the target_dir, scan-and-sync each, and set_install_meta on
the resulting sibling row. New helper adapter_scans_dir handles the
Global vs Project comparison.

Also refactored install_to_agent's skill arm to delegate to
post_install_sync after the deploy. Previously it had a parallel
sibling-propagation loop that did the same thing minus pack
propagation and audit; collapsing the two paths means cross-agent
deploy now also gets pack propagation and audit for free, and removes
~25 lines of duplicated logic.

Two tests pin both entry points: install_to_agent (cross-agent deploy
button) and post_install_sync (the path Marketplace install actually
runs through).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@RealZST @claude
feat(ui): add Codex hook trust reminder banner
4565f7a 
Codex CLI 0.129+ enforces hook trust: a hook will not execute until
the user explicitly trusts it via `codex /hooks`. After installing a
hook to Codex, users without this awareness see "the hook silently
doesn't run" with no obvious cause.

Add a static reminder banner in the extension detail panel, shown
whenever an extension is a hook AND has codex in its agents list.
Theme-colored info style, stays put until the hook is uninstalled.

Deliberately not detecting actual trust state (Trusted / Modified /
Untrusted): replicating Codex's hash algorithm requires matching
Codex's internal canonicalization exactly, and the upstream source
flags both the positional hook key and parts of the hash recipe as
churn-prone. A static reminder is more durable than a detector that
silently breaks when Codex evolves.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@RealZST RealZST merged commit 552f663 into main May 9, 2026
3 checks passed
@RealZST RealZST deleted the fix/codex-comprehensive branch May 9, 2026 18:15
@RealZST RealZST mentioned this pull request May 9, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@RealZST