@jrkropp/codex-js 0.1.1 → 0.1.3

package/dist/chunk-SYPHCDRD.js

@@ -0,0 +1,1133 @@
+import { BaseInstructions } from './chunk-O44XP7LH.js';
+import { parse, stringify } from 'smol-toml';
+
+function parse_config_toml(contents) {
+  return parse(contents);
+}
+function parse_toml_value(contents) {
+  return parse(contents);
+}
+function serialize_config_toml(config) {
+  return stringify(config);
+}
+function empty_config_toml() {
+  return {};
+}
+function config_toml_from_unknown(value) {
+  if (isTomlTable(value)) {
+    return value;
+  }
+  return {};
+}
+function isTomlTable(value) {
+  return Boolean(value) && typeof value === "object" && !Array.isArray(value);
+}
+
+// src/upstream/codex-rs/config/src/types.ts
+var CONFIG_TOML_FILE = "config.toml";
+var ConfigLayerStackOrdering = {
+  LowestPrecedenceFirst: "LowestPrecedenceFirst",
+  HighestPrecedenceFirst: "HighestPrecedenceFirst"
+};
+function createConfigLayerStack(layers = [], startup_warnings = []) {
+  return { layers, startup_warnings };
+}
+
+// src/upstream/codex-rs/core/src/config/permissions.ts
+var BUILT_IN_READ_ONLY_PROFILE = ":read-only";
+var BUILT_IN_WORKSPACE_PROFILE = ":workspace";
+var BUILT_IN_DANGER_NO_SANDBOX_PROFILE = ":danger-no-sandbox";
+function defaultBuiltinPermissionProfileName(input = {}) {
+  return input.trusted || input.untrusted ? BUILT_IN_WORKSPACE_PROFILE : BUILT_IN_READ_ONLY_PROFILE;
+}
+function readOnlyPermissionProfile() {
+  return {
+    type: "managed",
+    file_system: {
+      type: "restricted",
+      entries: [
+        {
+          path: { type: "special", value: "root" },
+          access: "read"
+        }
+      ]
+    },
+    network: "restricted"
+  };
+}
+function workspaceWritePermissionProfile() {
+  return {
+    type: "managed",
+    file_system: {
+      type: "restricted",
+      entries: [
+        {
+          path: { type: "special", value: "project_roots" },
+          access: "read-write"
+        }
+      ]
+    },
+    network: "restricted"
+  };
+}
+function disabledPermissionProfile() {
+  return {
+    type: "disabled"
+  };
+}
+function builtinPermissionProfile(name) {
+  switch (name) {
+    case BUILT_IN_READ_ONLY_PROFILE:
+      return readOnlyPermissionProfile();
+    case BUILT_IN_WORKSPACE_PROFILE:
+      return workspaceWritePermissionProfile();
+    case BUILT_IN_DANGER_NO_SANDBOX_PROFILE:
+      return disabledPermissionProfile();
+  }
+}
+function permissionProfileFromLegacySandboxPolicy(sandboxPolicy) {
+  const mode = legacySandboxPolicyMode(sandboxPolicy);
+  switch (mode) {
+    case "danger-full-access":
+      return disabledPermissionProfile();
+    case "read-only":
+      return readOnlyPermissionProfile();
+    case "workspace-write":
+      return workspaceWritePermissionProfile();
+    case "external":
+      return {
+        type: "external",
+        network: legacySandboxPolicyNetwork(sandboxPolicy)
+      };
+  }
+}
+function legacySandboxPolicyFromPermissionProfile(permissionProfile, cwd = "") {
+  const normalizedProfile = normalizePermissionProfile(permissionProfile);
+  const type = permissionProfileType(normalizedProfile);
+  if (type === "disabled") {
+    return { mode: "danger-full-access" };
+  }
+  if (type === "external") {
+    return {
+      mode: "external",
+      network_access: permissionProfileNetwork(normalizedProfile)
+    };
+  }
+  if (permissionProfileFileSystemMode(normalizedProfile) === "read-only") {
+    return {
+      mode: "read-only",
+      network_access: permissionProfileNetwork(normalizedProfile)
+    };
+  }
+  return {
+    mode: "workspace-write",
+    ...cwd ? { cwd } : {},
+    network_access: permissionProfileNetwork(normalizedProfile)
+  };
+}
+function effectivePermissionProfile(input) {
+  return input.permission_profile && Object.keys(input.permission_profile).length > 0 ? normalizePermissionProfile(input.permission_profile) : permissionProfileFromLegacySandboxPolicy(input.sandbox_policy);
+}
+function builtinPermissionProfileNameFromProfile(permissionProfile) {
+  const normalizedProfile = normalizePermissionProfile(permissionProfile);
+  const type = permissionProfileType(normalizedProfile);
+  if (type === "disabled") {
+    return BUILT_IN_DANGER_NO_SANDBOX_PROFILE;
+  }
+  return permissionProfileFileSystemMode(normalizedProfile) === "read-only" ? BUILT_IN_READ_ONLY_PROFILE : BUILT_IN_WORKSPACE_PROFILE;
+}
+function activePermissionProfileForBuiltin(id) {
+  return {
+    id,
+    extends: null,
+    modifications: []
+  };
+}
+function active_permission_profile(permissionProfile) {
+  return activePermissionProfileForBuiltin(
+    builtinPermissionProfileNameFromProfile(permissionProfile)
+  );
+}
+function validatePermissionProfile(permissionProfile) {
+  const warnings = [];
+  const profileType = permissionProfileType(permissionProfile);
+  if (profileType.startsWith(":")) {
+    warnings.push(
+      `Permission profile names beginning with ":" are reserved for Codex built-ins: ${profileType}`
+    );
+  }
+  return warnings;
+}
+function legacySandboxPolicyMode(sandboxPolicy) {
+  const mode = stringField(sandboxPolicy, ["mode", "type", "kind"]);
+  if (mode === "danger-full-access" || mode === "danger_full_access" || mode === "disabled") {
+    return "danger-full-access";
+  }
+  if (mode === "read-only" || mode === "read_only" || mode === "readonly") {
+    return "read-only";
+  }
+  if (mode === "external" || mode === "external_sandbox") {
+    return "external";
+  }
+  return "workspace-write";
+}
+function legacySandboxPolicyNetwork(sandboxPolicy) {
+  const value = stringField(sandboxPolicy, ["network_access", "network"]);
+  return value === "restricted" || value === "disabled" ? "restricted" : "enabled";
+}
+function permissionProfileType(permissionProfile) {
+  return stringField(permissionProfile, ["type", "mode", "profile"]) ?? "managed";
+}
+function normalizePermissionProfile(permissionProfile) {
+  const type = permissionProfileType(permissionProfile);
+  switch (type) {
+    case "danger-full-access":
+    case "danger-no-sandbox":
+    case "disabled":
+      return disabledPermissionProfile();
+    case "read-only":
+    case "readonly":
+      return readOnlyPermissionProfile();
+    case "workspace":
+    case "workspace-write":
+      return workspaceWritePermissionProfile();
+    default:
+      return permissionProfile && Object.keys(permissionProfile).length > 0 ? permissionProfile : readOnlyPermissionProfile();
+  }
+}
+function permissionProfileFileSystemMode(permissionProfile) {
+  const fileSystem = recordField(permissionProfile, "file_system");
+  const entries = Array.isArray(fileSystem?.entries) ? fileSystem.entries : [];
+  if (entries.length > 0 && entries.every(
+    (entry) => typeof entry === "object" && entry !== null && entry.access === "read"
+  )) {
+    return "read-only";
+  }
+  return "workspace-write";
+}
+function permissionProfileNetwork(permissionProfile) {
+  const network = permissionProfile ? permissionProfile.network : null;
+  if (typeof network === "string") {
+    return network === "enabled" ? "enabled" : "restricted";
+  }
+  if (typeof network === "object" && network !== null && "enabled" in network && network.enabled === true) {
+    return "enabled";
+  }
+  return "restricted";
+}
+function recordField(value, field) {
+  if (typeof value !== "object" || value === null || Array.isArray(value)) {
+    return null;
+  }
+  const fieldValue = value[field];
+  return typeof fieldValue === "object" && fieldValue !== null && !Array.isArray(fieldValue) ? fieldValue : null;
+}
+function stringField(value, fields) {
+  if (typeof value !== "object" || value === null || Array.isArray(value)) {
+    return null;
+  }
+  for (const field of fields) {
+    const fieldValue = value[field];
+    if (typeof fieldValue === "string" && fieldValue.trim().length > 0) {
+      return fieldValue.trim().toLowerCase().replaceAll("_", "-");
+    }
+  }
+  return null;
+}
+
+// src/upstream/codex-rs/core/src/config-types.ts
+var ModeKind = {
+  Plan: "plan",
+  Default: "default"
+};
+var TUI_VISIBLE_COLLABORATION_MODES = [
+  ModeKind.Default,
+  ModeKind.Plan
+];
+function allowsRequestUserInput(mode) {
+  return mode === ModeKind.Plan;
+}
+function modeDisplayName(mode) {
+  switch (mode) {
+    case ModeKind.Plan:
+      return "Plan";
+    case ModeKind.Default:
+      return "Default";
+  }
+}
+function collaborationModeWithUpdates(collaborationMode, model, effort, developerInstructions) {
+  return {
+    mode: collaborationMode.mode,
+    settings: {
+      model: model ?? collaborationMode.settings.model,
+      reasoning_effort: effort === void 0 ? collaborationMode.settings.reasoning_effort : effort,
+      developer_instructions: developerInstructions === void 0 ? collaborationMode.settings.developer_instructions : developerInstructions
+    }
+  };
+}
+function applyCollaborationModeMask(collaborationMode, mask) {
+  return {
+    mode: mask.mode ?? collaborationMode.mode,
+    settings: {
+      model: mask.model ?? collaborationMode.settings.model,
+      reasoning_effort: mask.reasoning_effort === void 0 ? collaborationMode.settings.reasoning_effort : mask.reasoning_effort,
+      developer_instructions: mask.developer_instructions === void 0 ? collaborationMode.settings.developer_instructions : mask.developer_instructions
+    }
+  };
+}
+function collaborationModeForModel(model, effort, mode = ModeKind.Default, developerInstructions = null) {
+  return {
+    mode,
+    settings: {
+      model,
+      reasoning_effort: effort ?? null,
+      developer_instructions: developerInstructions
+    }
+  };
+}
+
+// src/upstream/codex-rs/core/src/plan-mode.ts
+var CODEX_PLAN_MODE_INSTRUCTIONS = `# Plan Mode (Conversational)
+
+You work in 3 phases, and you should *chat your way* to a great plan before finalizing it. A great plan is very detailed\u2014intent- and implementation-wise\u2014so that it can be handed to another engineer or agent to be implemented right away. It must be **decision complete**, where the implementer does not need to make any decisions.
+
+## Mode rules (strict)
+
+You are in **Plan Mode** until a developer message explicitly ends it.
+
+Plan Mode is not changed by user intent, tone, or imperative language. If a user asks for execution while still in Plan Mode, treat it as a request to **plan the execution**, not perform it.
+
+## Plan Mode vs update_plan tool
+
+Plan Mode is a collaboration mode that can involve requesting user input and eventually issuing a \`<proposed_plan>\` block.
+
+Separately, \`update_plan\` is a checklist/progress/TODOs tool; it does not enter or exit Plan Mode. Do not confuse it with Plan mode or try to use it while in Plan mode. If you try to use \`update_plan\` in Plan mode, it will return an error.
+
+## Execution vs. mutation in Plan Mode
+
+You may explore and execute **non-mutating** actions that improve the plan. You must not perform **mutating** actions.
+
+### Allowed (non-mutating, plan-improving)
+
+Actions that gather truth, reduce ambiguity, or validate feasibility without changing repo-tracked state. Examples:
+
+* Reading or searching files, configs, schemas, types, manifests, and docs
+* Static analysis, inspection, and repo exploration
+* Dry-run style commands when they do not edit repo-tracked files
+* Tests, builds, or checks that may write to caches or build artifacts (for example, \`target/\`, \`.cache/\`, or snapshots) so long as they do not edit repo-tracked files
+
+### Not allowed (mutating, plan-executing)
+
+Actions that implement the plan or change repo-tracked state. Examples:
+
+* Editing or writing files
+* Running formatters or linters that rewrite files
+* Applying patches, migrations, or codegen that updates repo-tracked files
+* Side-effectful commands whose purpose is to carry out the plan rather than refine it
+
+When in doubt: if the action would reasonably be described as "doing the work" rather than "planning the work," do not do it.
+
+## PHASE 1 \u2014 Ground in the environment (explore first, ask second)
+
+Begin by grounding yourself in the actual environment. Eliminate unknowns in the prompt by discovering facts, not by asking the user. Resolve all questions that can be answered through exploration or inspection. Identify missing or ambiguous details only if they cannot be derived from the environment. Silent exploration between turns is allowed and encouraged.
+
+Before asking the user any question, perform at least one targeted non-mutating exploration pass (for example: search relevant files, inspect likely entrypoints/configs, confirm current implementation shape), unless no local environment/repo is available.
+
+Exception: you may ask clarifying questions about the user's prompt before exploring, ONLY if there are obvious ambiguities or contradictions in the prompt itself. However, if ambiguity might be resolved by exploring, always prefer exploring first.
+
+Do not ask questions that can be answered from the repo or system (for example, "where is this struct?" or "which UI component should we use?" when exploration can make it clear). Only ask once you have exhausted reasonable non-mutating exploration.
+
+## PHASE 2 \u2014 Intent chat (what they actually want)
+
+* Keep asking until you can clearly state: goal + success criteria, audience, in/out of scope, constraints, current state, and the key preferences/tradeoffs.
+* Bias toward questions over guessing: if any high-impact ambiguity remains, do NOT plan yet\u2014ask.
+
+## PHASE 3 \u2014 Implementation chat (what/how we\u2019ll build)
+
+* Once intent is stable, keep asking until the spec is decision complete: approach, interfaces (APIs/schemas/I/O), data flow, edge cases/failure modes, testing + acceptance criteria, rollout/monitoring, and any migrations/compat constraints.
+
+## Asking questions
+
+Critical rules:
+
+* Strongly prefer using the \`request_user_input\` tool to ask any questions.
+* Offer only meaningful multiple\u2011choice options; don\u2019t include filler choices that are obviously wrong or irrelevant.
+* In rare cases where an unavoidable, important question can\u2019t be expressed with reasonable multiple\u2011choice options (due to extreme ambiguity), you may ask it directly without the tool.
+
+You SHOULD ask many questions, but each question must:
+
+* materially change the spec/plan, OR
+* confirm/lock an assumption, OR
+* choose between meaningful tradeoffs.
+* not be answerable by non-mutating commands.
+
+Use the \`request_user_input\` tool only for decisions that materially change the plan, for confirming important assumptions, or for information that cannot be discovered via non-mutating exploration.
+
+## Two kinds of unknowns (treat differently)
+
+1. **Discoverable facts** (repo/system truth): explore first.
+
+   * Before asking, run targeted searches and check likely sources of truth (configs/manifests/entrypoints/schemas/types/constants).
+   * Ask only if: multiple plausible candidates; nothing found but you need a missing identifier/context; or ambiguity is actually product intent.
+   * If asking, present concrete candidates (paths/service names) + recommend one.
+   * Never ask questions you can answer from your environment (e.g., \u201Cwhere is this struct\u201D).
+
+2. **Preferences/tradeoffs** (not discoverable): ask early.
+
+   * These are intent or implementation preferences that cannot be derived from exploration.
+   * Provide 2\u20134 mutually exclusive options + a recommended default.
+   * If unanswered, proceed with the recommended option and record it as an assumption in the final plan.
+
+## Finalization rule
+
+Only output the final plan when it is decision complete and leaves no decisions to the implementer.
+
+When you present the official plan, wrap it in a \`<proposed_plan>\` block so the client can render it specially:
+
+1) The opening tag must be on its own line.
+2) Start the plan content on the next line (no text on the same line as the tag).
+3) The closing tag must be on its own line.
+4) Use Markdown inside the block.
+5) Keep the tags exactly as \`<proposed_plan>\` and \`</proposed_plan>\` (do not translate or rename them), even if the plan content is in another language.
+
+Example:
+
+<proposed_plan>
+plan content
+</proposed_plan>
+
+plan content should be human and agent digestible. The final plan must be plan-only, concise by default, and include:
+
+* A clear title
+* A brief summary section
+* Important changes or additions to public APIs/interfaces/types
+* Test cases and scenarios
+* Explicit assumptions and defaults chosen where needed
+
+When possible, prefer a compact structure with 3-5 short sections, usually: Summary, Key Changes or Implementation Changes, Test Plan, and Assumptions. Do not include a separate Scope section unless scope boundaries are genuinely important to avoid mistakes.
+
+Prefer grouped implementation bullets by subsystem or behavior over file-by-file inventories. Mention files only when needed to disambiguate a non-obvious change, and avoid naming more than 3 paths unless extra specificity is necessary to prevent mistakes. Prefer behavior-level descriptions over symbol-by-symbol removal lists. For v1 feature-addition plans, do not invent detailed schema, validation, precedence, fallback, or wire-shape policy unless the request establishes it or it is needed to prevent a concrete implementation mistake; prefer the intended capability and minimum interface/behavior changes.
+
+Keep bullets short and avoid explanatory sub-bullets unless they are needed to prevent ambiguity. Prefer the minimum detail needed for implementation safety, not exhaustive coverage. Within each section, compress related changes into a few high-signal bullets and omit branch-by-branch logic, repeated invariants, and long lists of unaffected behavior unless they are necessary to prevent a likely implementation mistake. Avoid repeated repo facts and irrelevant edge-case or rollout detail. For straightforward refactors, keep the plan to a compact summary, key edits, tests, and assumptions. If the user asks for more detail, then expand.
+
+Do not ask "should I proceed?" in the final output. The user can easily switch out of Plan mode and request implementation if you have included a \`<proposed_plan>\` block in your response. Alternatively, they can decide to stay in Plan mode and continue refining the plan.
+
+Only produce at most one \`<proposed_plan>\` block per turn, and only when you are presenting a complete spec.
+
+If the user stays in Plan mode and asks for revisions after a prior \`<proposed_plan>\`, any new \`<proposed_plan>\` must be a complete replacement.`;
+
+// src/upstream/codex-rs/core/src/collaboration-mode-presets.ts
+var DEFAULT_MODE_TEMPLATE = `# Collaboration Mode: Default
+
+You are now in Default mode. Any previous instructions for other modes (e.g. Plan mode) are no longer active.
+
+Your active mode changes only when new developer instructions with a different \`<collaboration_mode>...</collaboration_mode>\` change it; user requests or tool descriptions do not change mode by themselves. Known mode names are {{KNOWN_MODE_NAMES}}.
+
+## request_user_input availability
+
+Use the \`request_user_input\` tool only when it is listed in the available tools for this turn.
+
+In Default mode, strongly prefer making reasonable assumptions and executing the user's request rather than stopping to ask questions. If you absolutely must ask a question because the answer cannot be discovered from local context and a reasonable assumption would be risky, ask the user directly with a concise plain-text question. Never write a multiple choice question as a textual assistant message.`;
+function builtinCollaborationModePresets() {
+  return [planPreset(), defaultPreset()];
+}
+function collaborationModePresetForMode(mode) {
+  return builtinCollaborationModePresets().find((preset) => preset.mode === mode) ?? null;
+}
+function normalizeCollaborationMode(input) {
+  const current = input.collaborationMode ? collaborationModeForModel(
+    input.collaborationMode.settings.model ?? input.model,
+    input.collaborationMode.settings.reasoning_effort ?? input.reasoningEffort ?? null,
+    input.collaborationMode.mode,
+    input.collaborationMode.settings.developer_instructions ?? null
+  ) : collaborationModeForModel(
+    input.model,
+    input.reasoningEffort ?? null,
+    ModeKind.Default
+  );
+  const preset = collaborationModePresetForMode(current.mode);
+  if (current.settings.developer_instructions === null && preset?.developer_instructions) {
+    return applyCollaborationModeMask(current, {
+      name: preset.name,
+      developer_instructions: preset.developer_instructions
+    });
+  }
+  return current;
+}
+function defaultModeInstructions() {
+  return DEFAULT_MODE_TEMPLATE.replace(
+    "{{KNOWN_MODE_NAMES}}",
+    formatModeNames(TUI_VISIBLE_COLLABORATION_MODES)
+  );
+}
+function planPreset() {
+  return {
+    name: modeDisplayName(ModeKind.Plan),
+    mode: ModeKind.Plan,
+    model: null,
+    reasoning_effort: "medium",
+    developer_instructions: CODEX_PLAN_MODE_INSTRUCTIONS
+  };
+}
+function defaultPreset() {
+  return {
+    name: modeDisplayName(ModeKind.Default),
+    mode: ModeKind.Default,
+    model: null,
+    reasoning_effort: void 0,
+    developer_instructions: defaultModeInstructions()
+  };
+}
+function formatModeNames(modes) {
+  const modeNames = modes.map(modeDisplayName);
+  if (modeNames.length === 0) {
+    return "none";
+  }
+  if (modeNames.length === 1) {
+    return modeNames[0] ?? "none";
+  }
+  if (modeNames.length === 2) {
+    return `${modeNames[0]} and ${modeNames[1]}`;
+  }
+  return modeNames.join(", ");
+}
+
+// src/upstream/codex-rs/core/src/tools/spec_plan_types.ts
+var ToolHandlerKind = {
+  DynamicTool: "DynamicTool",
+  RequestPermissions: "RequestPermissions",
+  RequestUserInput: "RequestUserInput",
+  ToolSearch: "ToolSearch",
+  UnavailableTool: "UnavailableTool",
+  Mcp: "Mcp",
+  ListMcpResources: "ListMcpResources",
+  ListMcpResourceTemplates: "ListMcpResourceTemplates",
+  ReadMcpResource: "ReadMcpResource",
+  ExecCommand: "ExecCommand",
+  WriteStdin: "WriteStdin",
+  ApplyPatch: "ApplyPatch",
+  Plan: "Plan",
+  GetGoal: "GetGoal",
+  CreateGoal: "CreateGoal",
+  UpdateGoal: "UpdateGoal",
+  SpawnAgent: "SpawnAgent",
+  SendInput: "SendInput",
+  WaitAgent: "WaitAgent",
+  CloseAgent: "CloseAgent",
+  ResumeAgent: "ResumeAgent",
+  ListAgents: "ListAgents",
+  SendMessage: "SendMessage",
+  FollowupTask: "FollowupTask"
+};
+function createToolRegistryPlan() {
+  return {
+    specs: [],
+    handlers: []
+  };
+}
+function defaultToolsConfig(input = {}) {
+  return {
+    namespace_tools: input.namespace_tools ?? true,
+    request_permissions_tool_enabled: input.request_permissions_tool_enabled ?? true,
+    request_user_input_available_modes: input.request_user_input_available_modes ?? [],
+    search_tool: input.search_tool ?? true,
+    web_search_mode: input.web_search === false ? "disabled" : input.web_search_mode ?? "cached",
+    web_search_tool_type: input.web_search_tool_type ?? "text",
+    web_search_config: input.web_search_config ?? null,
+    image_gen_tool: input.image_gen_tool ?? input.image_generation ?? false,
+    exec_command_tool_enabled: input.exec_command_tool_enabled ?? false,
+    write_stdin_tool_enabled: input.write_stdin_tool_enabled ?? false,
+    apply_patch_tool_enabled: input.apply_patch_tool_enabled ?? false,
+    thread_goal_tools_enabled: input.thread_goal_tools_enabled ?? true,
+    mcp_tools_enabled: input.mcp_tools_enabled ?? true,
+    multi_agent_tools_enabled: input.multi_agent_tools_enabled ?? false
+  };
+}
+
+// src/upstream/codex-rs/config/src/merge.ts
+var PROJECT_LOCAL_CONFIG_DENYLIST = /* @__PURE__ */ new Set([
+  "openai_base_url",
+  "chatgpt_base_url",
+  "model_provider",
+  "model_providers",
+  "notify",
+  "profile",
+  "profiles",
+  "experimental_realtime_ws_base_url"
+]);
+function config_layer_source_precedence(source) {
+  switch (source.type) {
+    case "Mdm":
+      return 0;
+    case "System":
+      return 10;
+    case "User":
+      return 20;
+    case "Project":
+      return 25;
+    case "SessionFlags":
+      return 30;
+    case "LegacyManagedConfigTomlFromFile":
+      return 40;
+    case "LegacyManagedConfigTomlFromMdm":
+      return 50;
+  }
+}
+function ConfigLayerEntry_new(name, config) {
+  return {
+    name,
+    config: sanitize_config_for_layer(name, config),
+    raw_toml: null,
+    version: version_for_toml(config),
+    disabled_reason: null
+  };
+}
+function ConfigLayerEntry_new_with_raw_toml(name, config, raw_toml) {
+  const sanitized = sanitize_config_for_layer(name, config);
+  return {
+    name,
+    config: sanitized,
+    raw_toml,
+    version: version_for_toml(sanitized),
+    disabled_reason: null
+  };
+}
+function ConfigLayerEntry_new_disabled(name, config, disabled_reason) {
+  return {
+    name,
+    config,
+    raw_toml: null,
+    version: version_for_toml(config),
+    disabled_reason
+  };
+}
+function ConfigLayerEntry_is_disabled(layer) {
+  return Boolean(layer.disabled_reason);
+}
+function ConfigLayerStack_new(layers = [], startup_warnings = []) {
+  verify_layer_ordering(layers);
+  return { layers, startup_warnings };
+}
+function ConfigLayerStack_get_layers(stack, ordering, include_disabled = false) {
+  const layers = stack.layers.filter(
+    (layer) => include_disabled || !ConfigLayerEntry_is_disabled(layer)
+  );
+  return ordering === ConfigLayerStackOrdering.HighestPrecedenceFirst ? [...layers].reverse() : layers;
+}
+function ConfigLayerStack_effective_config(stack) {
+  const merged = {};
+  for (const layer of ConfigLayerStack_get_layers(
+    stack,
+    ConfigLayerStackOrdering.LowestPrecedenceFirst,
+    false
+  )) {
+    merge_toml_values(merged, layer.config);
+  }
+  return merged;
+}
+function merge_config_layers(stack, overrides = {}) {
+  const merged = ConfigLayerStack_effective_config(stack);
+  return resolve_config(merged, stack.startup_warnings, overrides);
+}
+function merge_toml_values(base, overlay) {
+  merge_toml_values_at_path(base, overlay, []);
+  return base;
+}
+function merge_toml_values_at_path(base, overlay, path) {
+  normalize_key_aliases(path, base);
+  const normalizedOverlay = { ...overlay };
+  normalize_key_aliases(path, normalizedOverlay);
+  for (const [key, value] of Object.entries(normalizedOverlay)) {
+    const existing = base[key];
+    const childPath = [...path, key];
+    if (isIgnoredLegacyToolsWebSearchValue(childPath, value)) {
+      continue;
+    }
+    if (isPlainTomlTable(existing) && isPlainTomlTable(value)) {
+      merge_toml_values_at_path(existing, value, childPath);
+    } else {
+      base[key] = normalized_with_key_aliases(value, childPath);
+    }
+  }
+}
+function resolve_config(config, startupWarnings = [], overrides = {}) {
+  const merged = { ...config };
+  const activeProfileName = overrides.profile ?? merged.profile ?? null;
+  const configProfile = activeProfileName && merged.profiles ? merged.profiles[activeProfileName] : null;
+  if (activeProfileName && !configProfile) {
+    startupWarnings = [
+      ...startupWarnings,
+      `config profile \`${activeProfileName}\` not found`
+    ];
+  }
+  if (configProfile) {
+    merge_toml_values(merged, configProfile);
+  }
+  merge_toml_values(merged, overrides);
+  const permissionProfile = resolvePermissionProfile(merged);
+  const permissionWarnings = validatePermissionProfile(permissionProfile);
+  const sandboxPolicy = merged.sandbox_policy ?? legacySandboxPolicyFromPermissionProfile(permissionProfile, merged.cwd ?? "");
+  const activeBuiltin = builtinPermissionProfileNameFromProfile(
+    permissionProfile
+  ) ?? defaultBuiltinPermissionProfileName();
+  const baseInstructions = normalizeBaseInstructions(merged);
+  const webSearchMode = resolve_web_search_mode(merged) ?? "cached";
+  const webSearchConfig = resolve_web_search_config(merged);
+  const tools = tools_config_from_toml(merged.tools, {
+    web_search_config: webSearchConfig,
+    web_search_mode: webSearchMode
+  });
+  return {
+    model: merged.model ?? "gpt-5.5",
+    model_provider: merged.model_provider ?? "openai",
+    service_tier: merged.service_tier ?? null,
+    reasoning_effort: merged.model_reasoning_effort ?? null,
+    reasoning_summary: merged.model_reasoning_summary ?? "auto",
+    personality: merged.personality ?? null,
+    approval_policy: merged.approval_policy ?? "never",
+    approvals_reviewer: merged.approvals_reviewer ?? null,
+    sandbox_policy: sandboxPolicy,
+    permission_profile: permissionProfile,
+    active_permission_profile: merged.active_permission_profile ?? activePermissionProfileForBuiltin(activeBuiltin),
+    windows_sandbox_level: merged.windows_sandbox_level ?? null,
+    cwd: merged.cwd ?? "",
+    base_instructions: baseInstructions.base_instructions,
+    base_instructions_source: baseInstructions.source,
+    developer_instructions: merged.developer_instructions ?? null,
+    user_instructions: merged.user_instructions ?? null,
+    collaboration_mode: normalizeCollaborationMode({
+      collaborationMode: merged.collaboration_mode ?? null,
+      model: merged.model ?? "gpt-5.5",
+      reasoningEffort: merged.model_reasoning_effort ?? null
+    }),
+    session_source: merged.session_source ?? "test",
+    environments: merged.environments ?? [],
+    dynamic_tools: merged.dynamic_tools ?? [],
+    final_output_json_schema: merged.final_output_json_schema,
+    truncation_policy: merged.truncation_policy ?? null,
+    web_search: merged.web_search ?? null,
+    web_search_mode: webSearchMode,
+    tools,
+    profiles: merged.profiles,
+    profile: merged.profile,
+    compact_prompt: merged.compact_prompt ?? null,
+    include_permissions_instructions: merged.include_permissions_instructions ?? true,
+    include_environment_context: merged.include_environment_context ?? true,
+    include_apps_instructions: merged.include_apps_instructions ?? true,
+    include_skill_instructions: merged.include_skill_instructions ?? true,
+    startup_warnings: [...startupWarnings, ...permissionWarnings],
+    model_reasoning_effort: merged.model_reasoning_effort,
+    model_reasoning_summary: merged.model_reasoning_summary
+  };
+}
+function resolve_web_search_mode(config) {
+  if (isWebSearchMode(config.web_search)) {
+    return config.web_search;
+  }
+  if (featureEnabled(config.features, "web_search_cached", "WebSearchCached")) {
+    return "cached";
+  }
+  if (featureEnabled(config.features, "web_search_request", "WebSearchRequest")) {
+    return "live";
+  }
+  return null;
+}
+function resolve_web_search_config(config) {
+  const toolConfig = normalizeWebSearchToolConfig(config.tools?.web_search);
+  return toolConfig ? webSearchConfigFromToolConfig(toolConfig) : null;
+}
+function resolve_web_search_mode_for_turn(input) {
+  const allowed = allowedWebSearchModes(input.allowed_modes);
+  const preferred = input.web_search_mode;
+  if (isDisabledPermissionProfile(input.permission_profile) && preferred !== "disabled") {
+    for (const mode of ["live", "cached", "disabled"]) {
+      if (allowed.has(mode)) {
+        return mode;
+      }
+    }
+    return "disabled";
+  }
+  if (allowed.has(preferred)) {
+    return preferred;
+  }
+  for (const mode of ["cached", "live", "disabled"]) {
+    if (allowed.has(mode)) {
+      return mode;
+    }
+  }
+  return "disabled";
+}
+function tools_config_from_toml(tools, webSearch) {
+  const input = { ...tools ?? {} };
+  delete input.web_search;
+  return defaultToolsConfig({
+    ...input,
+    web_search_config: webSearch.web_search_config,
+    web_search_mode: webSearch.web_search_mode
+  });
+}
+function normalizeWebSearchToolConfig(value) {
+  if (!value || typeof value !== "object" || Array.isArray(value)) {
+    return null;
+  }
+  return value;
+}
+function webSearchConfigFromToolConfig(config) {
+  return {
+    ...Array.isArray(config.allowed_domains) ? { filters: { allowed_domains: config.allowed_domains } } : {},
+    ...config.location && typeof config.location === "object" ? { user_location: webSearchUserLocation(config.location) } : {},
+    ...config.context_size ? { search_context_size: config.context_size } : {}
+  };
+}
+function webSearchUserLocation(location) {
+  return {
+    type: "approximate",
+    ...location.country ? { country: location.country } : {},
+    ...location.region ? { region: location.region } : {},
+    ...location.city ? { city: location.city } : {},
+    ...location.timezone ? { timezone: location.timezone } : {}
+  };
+}
+function allowedWebSearchModes(modes) {
+  if (!modes) {
+    return /* @__PURE__ */ new Set(["disabled", "cached", "live"]);
+  }
+  return /* @__PURE__ */ new Set(["disabled", ...modes.filter(isWebSearchMode)]);
+}
+function isWebSearchMode(value) {
+  return value === "disabled" || value === "cached" || value === "live";
+}
+function isDisabledPermissionProfile(profile) {
+  return Boolean(profile && profile.type === "disabled");
+}
+function featureEnabled(features, ...keys) {
+  if (!features) {
+    return false;
+  }
+  for (const key of keys) {
+    const value = features[key];
+    if (value === true) {
+      return true;
+    }
+    if (value && typeof value === "object") {
+      const record = value;
+      if (record.enabled === true || record.value === true) {
+        return true;
+      }
+    }
+  }
+  return false;
+}
+function normalizeBaseInstructions(config) {
+  if (typeof config.instructions === "string") {
+    return {
+      base_instructions: { text: config.instructions },
+      source: "config"
+    };
+  }
+  if (typeof config.model_instructions_file_contents === "string") {
+    const trimmed = config.model_instructions_file_contents.trim();
+    if (trimmed) {
+      return {
+        base_instructions: { text: trimmed },
+        source: "model_instructions_file"
+      };
+    }
+  }
+  const baseInstructions = config.base_instructions;
+  if (typeof baseInstructions === "string") {
+    return {
+      base_instructions: { text: baseInstructions },
+      source: "config"
+    };
+  }
+  if (baseInstructions) {
+    return {
+      base_instructions: baseInstructions,
+      source: "config"
+    };
+  }
+  return {
+    base_instructions: BaseInstructions.default(),
+    source: "default"
+  };
+}
+function resolvePermissionProfile(config) {
+  if (config.permission_profile) {
+    return effectivePermissionProfile({
+      permission_profile: config.permission_profile,
+      sandbox_policy: config.sandbox_policy
+    });
+  }
+  if (config.sandbox_policy) {
+    return effectivePermissionProfile({
+      permission_profile: null,
+      sandbox_policy: config.sandbox_policy
+    });
+  }
+  if (config.sandbox_mode) {
+    return permissionProfileFromLegacySandboxPolicy({
+      mode: config.sandbox_mode
+    });
+  }
+  return effectivePermissionProfile({
+    permission_profile: null,
+    sandbox_policy: null
+  });
+}
+function sanitize_config_for_layer(source, config) {
+  if (source.type !== "Project") {
+    return config;
+  }
+  const sanitized = { ...config };
+  for (const denied of PROJECT_LOCAL_CONFIG_DENYLIST) {
+    delete sanitized[denied];
+  }
+  return sanitized;
+}
+function verify_layer_ordering(layers) {
+  for (let index = 1; index < layers.length; index += 1) {
+    const previous = layers[index - 1];
+    const current = layers[index];
+    if (config_layer_source_precedence(previous.name) > config_layer_source_precedence(current.name)) {
+      throw new Error("config layers are not in correct precedence order");
+    }
+  }
+}
+function version_for_toml(config) {
+  return stableStringify(config);
+}
+function stableStringify(value) {
+  if (Array.isArray(value)) {
+    return `[${value.map(stableStringify).join(",")}]`;
+  }
+  if (isPlainTomlTable(value)) {
+    return `{${Object.keys(value).sort().map((key) => `${JSON.stringify(key)}:${stableStringify(value[key])}`).join(",")}}`;
+  }
+  return JSON.stringify(value);
+}
+function isPlainTomlTable(value) {
+  return Boolean(value) && typeof value === "object" && !Array.isArray(value);
+}
+function normalize_key_aliases(path, table) {
+  if (path.length === 1 && path[0] === "memories" && "no_memories_if_mcp_or_web_search" in table && !("disable_on_external_context" in table)) {
+    table.disable_on_external_context = table.no_memories_if_mcp_or_web_search;
+    delete table.no_memories_if_mcp_or_web_search;
+  }
+}
+function normalized_with_key_aliases(value, path) {
+  if (Array.isArray(value)) {
+    return value.map((item) => normalized_with_key_aliases(item, path));
+  }
+  if (!isPlainTomlTable(value)) {
+    return value;
+  }
+  const normalized = {};
+  for (const [key, child] of Object.entries(value)) {
+    normalized[key] = normalized_with_key_aliases(child, [...path, key]);
+  }
+  normalize_key_aliases(path, normalized);
+  return normalized;
+}
+function isIgnoredLegacyToolsWebSearchValue(path, value) {
+  return path.length === 2 && path[0] === "tools" && path[1] === "web_search" && typeof value === "boolean";
+}
+function build_cli_overrides_layer(cli_overrides) {
+  const root = {};
+  for (const [path, value] of cli_overrides) {
+    apply_toml_override(root, path, value);
+  }
+  return root;
+}
+function apply_toml_override(root, path, value) {
+  let current = root;
+  const segments = path.split(".");
+  for (const [index, segment] of segments.entries()) {
+    if (index === segments.length - 1) {
+      current[segment] = value;
+      return;
+    }
+    const next = current[segment];
+    if (!isPlainTomlTable(next)) {
+      current[segment] = {};
+    }
+    current = current[segment];
+  }
+}
+
+// src/upstream/codex-rs/config/src/thread_config.ts
+var ThreadConfigLoadError = class extends Error {
+  constructor(code, message, status_code = null) {
+    super(message);
+    this.code = code;
+    this.status_code = status_code;
+    this.name = "ThreadConfigLoadError";
+  }
+  code;
+  status_code;
+};
+var BaseThreadConfigLoader = class {
+  async load_config_layers(context) {
+    const sources = await this.load(context);
+    return sources.map(thread_config_source_to_layer).filter((layer) => Boolean(layer));
+  }
+};
+var StaticThreadConfigLoader = class extends BaseThreadConfigLoader {
+  constructor(sources = []) {
+    super();
+    this.sources = sources;
+  }
+  sources;
+  load(context) {
+    return this.sources;
+  }
+};
+var NoopThreadConfigLoader = class _NoopThreadConfigLoader extends BaseThreadConfigLoader {
+  static instance = new _NoopThreadConfigLoader();
+  load(context) {
+    return [];
+  }
+};
+function thread_config_source_to_layer(source) {
+  switch (source.type) {
+    case "Session":
+      return is_empty_config(source.config) ? null : ConfigLayerEntry_new({ type: "SessionFlags" }, source.config);
+    case "User":
+      return is_empty_config(source.config) ? null : ConfigLayerEntry_new(
+        { type: "User", file: "$CODEX_HOME/config.toml" },
+        source.config
+      );
+  }
+}
+function is_empty_config(config) {
+  return Object.keys(config).length === 0;
+}
+
+// src/upstream/codex-rs/config/src/loader/mod.ts
+async function load_config_layers_state(params = {}) {
+  const codexHome = params.codex_home ?? "";
+  const readFile = params.read_file_text ?? (() => null);
+  const layers = [];
+  if (params.app_config) {
+    layers.push(
+      load_config_toml_from_text(
+        { type: "System", file: params.app_config.file },
+        params.app_config.contents
+      )
+    );
+  }
+  if (!params.overrides?.ignore_user_config && codexHome) {
+    layers.push(
+      await load_config_toml_for_required_layer(readFile, {
+        type: "User",
+        file: `${codexHome.replace(/\/$/, "")}/${CONFIG_TOML_FILE}`
+      })
+    );
+  }
+  const threadConfigContext = {
+    thread_id: null,
+    cwd: params.cwd ?? null
+  };
+  const threadConfigLoader = params.thread_config_loader ?? NoopThreadConfigLoader.instance;
+  for (const layer of await threadConfigLoader.load_config_layers(
+    threadConfigContext
+  )) {
+    insert_layer_by_precedence(layers, layer);
+  }
+  const modelInstructionsFile = merge_config_layers(
+    ConfigLayerStack_new(layers, params.startup_warnings ?? [])
+  ).model_instructions_file;
+  if (modelInstructionsFile) {
+    const contents = await readFile(modelInstructionsFile);
+    if (contents != null) {
+      layers.push(
+        ConfigLayerEntry_new(
+          { type: "SessionFlags" },
+          { model_instructions_file_contents: contents }
+        )
+      );
+    }
+  }
+  if (params.cli_overrides?.length) {
+    layers.push(
+      ConfigLayerEntry_new(
+        { type: "SessionFlags" },
+        build_cli_overrides_layer(params.cli_overrides)
+      )
+    );
+  }
+  return ConfigLayerStack_new(layers, params.startup_warnings ?? []);
+}
+async function load_config(stack, overrides = {}) {
+  return merge_config_layers(stack, overrides);
+}
+async function load_config_toml_for_required_layer(read_file_text, name) {
+  const file = config_layer_source_file(name);
+  const contents = file ? await read_file_text(file) : null;
+  if (contents == null) {
+    return ConfigLayerEntry_new(name, {});
+  }
+  return load_config_toml_from_text(name, contents);
+}
+function load_config_toml_from_text(name, contents) {
+  try {
+    return ConfigLayerEntry_new_with_raw_toml(
+      name,
+      parse_config_toml(contents),
+      contents
+    );
+  } catch (error) {
+    throw new Error(
+      `Error parsing config file ${config_layer_source_label(name)}: ${String(error)}`
+    );
+  }
+}
+function insert_layer_by_precedence(layers, layer) {
+  const index = layers.findIndex(
+    (existing) => config_layer_source_precedence2(existing.name) > config_layer_source_precedence2(layer.name)
+  );
+  if (index === -1) {
+    layers.push(layer);
+  } else {
+    layers.splice(index, 0, layer);
+  }
+}
+function config_layer_source_precedence2(source) {
+  switch (source.type) {
+    case "Mdm":
+      return 0;
+    case "System":
+      return 10;
+    case "User":
+      return 20;
+    case "Project":
+      return 25;
+    case "SessionFlags":
+      return 30;
+    case "LegacyManagedConfigTomlFromFile":
+      return 40;
+    case "LegacyManagedConfigTomlFromMdm":
+      return 50;
+  }
+}
+function config_layer_source_file(source) {
+  switch (source.type) {
+    case "System":
+    case "User":
+    case "LegacyManagedConfigTomlFromFile":
+      return source.file;
+    case "Project":
+      return `${source.dot_codex_folder.replace(/\/$/, "")}/${CONFIG_TOML_FILE}`;
+    case "Mdm":
+    case "SessionFlags":
+    case "LegacyManagedConfigTomlFromMdm":
+      return null;
+  }
+}
+function config_layer_source_label(source) {
+  return config_layer_source_file(source) ?? source.type;
+}
+
+export { BUILT_IN_DANGER_NO_SANDBOX_PROFILE, BUILT_IN_READ_ONLY_PROFILE, BUILT_IN_WORKSPACE_PROFILE, BaseThreadConfigLoader, CODEX_PLAN_MODE_INSTRUCTIONS, CONFIG_TOML_FILE, ConfigLayerEntry_is_disabled, ConfigLayerEntry_new, ConfigLayerEntry_new_disabled, ConfigLayerEntry_new_with_raw_toml, ConfigLayerStackOrdering, ConfigLayerStack_effective_config, ConfigLayerStack_get_layers, ConfigLayerStack_new, ModeKind, NoopThreadConfigLoader, StaticThreadConfigLoader, TUI_VISIBLE_COLLABORATION_MODES, ThreadConfigLoadError, ToolHandlerKind, activePermissionProfileForBuiltin, active_permission_profile, allowsRequestUserInput, applyCollaborationModeMask, build_cli_overrides_layer, builtinCollaborationModePresets, builtinPermissionProfile, builtinPermissionProfileNameFromProfile, collaborationModeForModel, collaborationModePresetForMode, collaborationModeWithUpdates, config_layer_source_precedence, config_toml_from_unknown, createConfigLayerStack, createToolRegistryPlan, defaultBuiltinPermissionProfileName, defaultModeInstructions, defaultToolsConfig, disabledPermissionProfile, effectivePermissionProfile, empty_config_toml, insert_layer_by_precedence, isTomlTable, legacySandboxPolicyFromPermissionProfile, load_config, load_config_layers_state, load_config_toml_for_required_layer, load_config_toml_from_text, merge_config_layers, merge_toml_values, modeDisplayName, normalizeCollaborationMode, parse_config_toml, parse_toml_value, permissionProfileFromLegacySandboxPolicy, readOnlyPermissionProfile, resolve_config, resolve_web_search_config, resolve_web_search_mode, resolve_web_search_mode_for_turn, serialize_config_toml, thread_config_source_to_layer, validatePermissionProfile, workspaceWritePermissionProfile };
+//# sourceMappingURL=chunk-SYPHCDRD.js.map
+//# sourceMappingURL=chunk-SYPHCDRD.js.map