@leo000001/codex-mcp 0.2.0

package/dist/index.js

@@ -0,0 +1,3168 @@
+#!/usr/bin/env node
+
+// src/index.ts
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+
+// src/server.ts
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { z } from "zod";
+
+// src/session/manager.ts
+import { randomUUID } from "crypto";
+
+// src/app-server/client.ts
+import { spawn } from "child_process";
+import { EventEmitter } from "events";
+import { StringDecoder } from "string_decoder";
+
+// src/app-server/protocol.ts
+function toSandboxPolicy(mode) {
+  switch (mode) {
+    case "read-only":
+      return { type: "readOnly" };
+    case "workspace-write":
+      return { type: "workspaceWrite" };
+    case "danger-full-access":
+      return { type: "dangerFullAccess" };
+    default:
+      return void 0;
+  }
+}
+var Methods = {
+  // Client → Server
+  INITIALIZE: "initialize",
+  THREAD_START: "thread/start",
+  THREAD_RESUME: "thread/resume",
+  THREAD_FORK: "thread/fork",
+  TURN_START: "turn/start",
+  TURN_INTERRUPT: "turn/interrupt",
+  TURN_STEER: "turn/steer",
+  // Server → Client requests
+  COMMAND_APPROVAL: "item/commandExecution/requestApproval",
+  FILE_CHANGE_APPROVAL: "item/fileChange/requestApproval",
+  USER_INPUT_REQUEST: "item/tool/requestUserInput",
+  DYNAMIC_TOOL_CALL: "item/tool/call",
+  AUTH_TOKEN_REFRESH: "account/chatgptAuthTokens/refresh",
+  LEGACY_PATCH_APPROVAL: "applyPatchApproval",
+  LEGACY_EXEC_APPROVAL: "execCommandApproval",
+  // Server → Client notifications
+  ERROR: "error",
+  THREAD_STARTED: "thread/started",
+  TURN_STARTED: "turn/started",
+  TURN_COMPLETED: "turn/completed",
+  TURN_DIFF_UPDATED: "turn/diff/updated",
+  TURN_PLAN_UPDATED: "turn/plan/updated",
+  ITEM_STARTED: "item/started",
+  ITEM_COMPLETED: "item/completed",
+  AGENT_MESSAGE_DELTA: "item/agentMessage/delta",
+  COMMAND_OUTPUT_DELTA: "item/commandExecution/outputDelta",
+  FILE_CHANGE_OUTPUT_DELTA: "item/fileChange/outputDelta",
+  REASONING_TEXT_DELTA: "item/reasoning/textDelta",
+  REASONING_SUMMARY_DELTA: "item/reasoning/summaryTextDelta",
+  PLAN_DELTA: "item/plan/delta",
+  MCP_TOOL_PROGRESS: "item/mcpToolCall/progress",
+  SESSION_CONFIGURED: "sessionConfigured"
+};
+
+// src/app-server/lifecycle.ts
+function buildAppServerArgs(opts) {
+  const args = ["app-server"];
+  if (opts.profile) {
+    args.push("-p", opts.profile);
+  }
+  if (opts.model) {
+    args.push("-c", `model=${opts.model}`);
+  }
+  if (opts.approvalPolicy) {
+    args.push("-c", `approval_policy=${opts.approvalPolicy}`);
+  }
+  if (opts.sandbox) {
+    args.push("-c", `sandbox_mode=${opts.sandbox}`);
+  }
+  if (opts.config) {
+    for (const [key, value] of Object.entries(opts.config)) {
+      const serialized = typeof value === "object" && value !== null ? JSON.stringify(value) : String(value);
+      args.push("-c", `${key}=${serialized}`);
+    }
+  }
+  return args;
+}
+
+// src/app-server/codex-bin.ts
+import { existsSync, readFileSync } from "fs";
+import path from "path";
+function resolveCodexInvocation(codexArgs, deps = {}) {
+  const platform = deps.platform ?? process.platform;
+  const env = deps.env ?? process.env;
+  const exists = deps.exists ?? existsSync;
+  const readFile = deps.readFile ?? ((p) => readFileSync(p, "utf8"));
+  const pathApi = platform === "win32" ? path.win32 : path.posix;
+  const delimiter = platform === "win32" ? ";" : ":";
+  if (platform !== "win32") {
+    return { cmd: "codex", args: codexArgs, spawnedViaCmd: false };
+  }
+  const shim = findOnPath("codex", env, exists, pathApi, delimiter, [".exe", ".cmd", ".bat"]);
+  if (shim && shim.toLowerCase().endsWith(".exe")) {
+    return { cmd: shim, args: codexArgs, spawnedViaCmd: false };
+  }
+  if (shim && (shim.toLowerCase().endsWith(".cmd") || shim.toLowerCase().endsWith(".bat"))) {
+    const script = tryResolveNodeScriptFromShim(shim, exists, readFile, pathApi);
+    if (script) {
+      return { cmd: process.execPath, args: [script, ...codexArgs], spawnedViaCmd: false };
+    }
+  }
+  const comspec = env.ComSpec || env.COMSPEC || "cmd.exe";
+  return { cmd: comspec, args: ["/d", "/s", "/c", "codex", ...codexArgs], spawnedViaCmd: true };
+}
+function findOnPath(base, env, exists, pathApi, delimiter, exts) {
+  const pathEnv = env.PATH || env.Path || env.path || "";
+  const dirs = pathEnv.split(delimiter).map((d) => stripSurroundingQuotes(d.trim())).filter(Boolean);
+  for (const dir of dirs) {
+    for (const ext of exts) {
+      const candidate = pathApi.join(dir, `${base}${ext}`);
+      if (exists(candidate)) return candidate;
+    }
+    const raw = pathApi.join(dir, base);
+    if (exists(raw)) return raw;
+  }
+  return void 0;
+}
+function stripSurroundingQuotes(value) {
+  if (value.length >= 2 && value.startsWith('"') && value.endsWith('"')) {
+    return value.slice(1, -1);
+  }
+  return value;
+}
+function tryResolveNodeScriptFromShim(shimPath, exists, readFile, pathApi) {
+  let contents;
+  try {
+    contents = readFile(shimPath);
+  } catch {
+    return void 0;
+  }
+  const matches = [];
+  const re = /"([^"]+\.(?:m?js|cjs))"/gi;
+  for (; ; ) {
+    const m = re.exec(contents);
+    if (!m) break;
+    matches.push(m[1]);
+  }
+  if (matches.length === 0) return void 0;
+  const preferred = matches.find((m) => /codex/i.test(pathApi.basename(m))) ?? matches.find((m) => /@openai\\codex|\\codex\\|\/codex\//i.test(m)) ?? matches[matches.length - 1];
+  const shimDir = pathApi.dirname(shimPath);
+  const dp0 = shimDir.endsWith(pathApi.sep) ? shimDir : shimDir + pathApi.sep;
+  let resolved = preferred.replace(/%~dp0/gi, dp0).replace(/%dp0%/gi, dp0);
+  resolved = resolved.replace(/\//g, "\\");
+  const abs = pathApi.isAbsolute(resolved) ? pathApi.normalize(resolved) : pathApi.resolve(shimDir, resolved);
+  if (!exists(abs)) return void 0;
+  return abs;
+}
+
+// src/types.ts
+var APPROVAL_POLICIES = ["untrusted", "on-failure", "on-request", "never"];
+var SANDBOX_MODES = ["read-only", "workspace-write", "danger-full-access"];
+var PERSONALITIES = ["none", "friendly", "pragmatic"];
+var EFFORT_LEVELS = ["none", "minimal", "low", "medium", "high", "xhigh"];
+var SUMMARY_MODES = ["auto", "concise", "detailed", "none"];
+var SESSION_ACTIONS = ["list", "get", "cancel", "interrupt", "fork"];
+var CHECK_ACTIONS = [
+  "poll",
+  "respond_permission",
+  "respond_approval",
+  "respond_user_input"
+];
+var RESPONSE_MODES = ["minimal", "delta_compact", "full"];
+var COMMAND_DECISIONS = [
+  "accept",
+  "acceptForSession",
+  "acceptWithExecpolicyAmendment",
+  "decline",
+  "cancel"
+];
+var FILE_CHANGE_DECISIONS = ["accept", "acceptForSession", "decline", "cancel"];
+var ALL_DECISIONS = [
+  "accept",
+  "acceptForSession",
+  "acceptWithExecpolicyAmendment",
+  "decline",
+  "cancel"
+];
+var ErrorCode = /* @__PURE__ */ ((ErrorCode2) => {
+  ErrorCode2["INVALID_ARGUMENT"] = "INVALID_ARGUMENT";
+  ErrorCode2["SESSION_NOT_FOUND"] = "SESSION_NOT_FOUND";
+  ErrorCode2["SESSION_BUSY"] = "SESSION_BUSY";
+  ErrorCode2["SESSION_NOT_RUNNING"] = "SESSION_NOT_RUNNING";
+  ErrorCode2["REQUEST_NOT_FOUND"] = "REQUEST_NOT_FOUND";
+  ErrorCode2["TIMEOUT"] = "TIMEOUT";
+  ErrorCode2["CANCELLED"] = "CANCELLED";
+  ErrorCode2["APP_SERVER_START_FAILED"] = "APP_SERVER_START_FAILED";
+  ErrorCode2["THREAD_FORK_RESUME_FAILED"] = "THREAD_FORK_RESUME_FAILED";
+  ErrorCode2["PROTOCOL_PARSE_ERROR"] = "PROTOCOL_PARSE_ERROR";
+  ErrorCode2["WRITE_QUEUE_DROPPED"] = "WRITE_QUEUE_DROPPED";
+  ErrorCode2["INTERNAL"] = "INTERNAL";
+  return ErrorCode2;
+})(ErrorCode || {});
+var DEFAULT_EFFORT_LEVEL = "low";
+var DEFAULT_POLL_INTERVAL = 12e4;
+var WAITING_APPROVAL_POLL_INTERVAL = 1e3;
+var POLL_DEFAULT_MAX_EVENTS = 1;
+var POLL_MIN_MAX_EVENTS = 1;
+var RESPOND_DEFAULT_MAX_EVENTS = 0;
+var DEFAULT_MAX_EVENTS = 200;
+var DEFAULT_EVENT_BUFFER_SIZE = 1e3;
+var DEFAULT_EVENT_BUFFER_HARD_SIZE = 2e3;
+var DEFAULT_APPROVAL_TIMEOUT_MS = 6e4;
+var DEFAULT_IDLE_CLEANUP_MS = 30 * 60 * 1e3;
+var DEFAULT_RUNNING_CLEANUP_MS = 4 * 60 * 60 * 1e3;
+var DEFAULT_TERMINAL_CLEANUP_MS = 5 * 60 * 1e3;
+var CLEANUP_INTERVAL_MS = 6e4;
+
+// src/app-server/client.ts
+var CLIENT_VERSION = true ? "0.2.0" : "0.0.0-dev";
+var DEFAULT_REQUEST_TIMEOUT = 3e4;
+var STARTUP_REQUEST_TIMEOUT = 9e4;
+var MAX_WRITE_QUEUE_BYTES = 5 * 1024 * 1024;
+var AppServerClient = class extends EventEmitter {
+  process = null;
+  nextId = 1;
+  pending = /* @__PURE__ */ new Map();
+  buffer = "";
+  decoder = new StringDecoder("utf8");
+  _destroyed = false;
+  lastFailure = null;
+  backpressure = false;
+  writeQueue = [];
+  queuedBytes = 0;
+  spawnedViaCmd = false;
+  spawnedDetached = false;
+  notificationHandler = null;
+  serverRequestHandler = null;
+  get destroyed() {
+    return this._destroyed;
+  }
+  /**
+   * Spawn codex app-server and perform initialization handshake.
+   */
+  async start(opts) {
+    const args = buildAppServerArgs(opts);
+    const env = { ...process.env };
+    const stdio = ["pipe", "pipe", "pipe"];
+    const invocation = resolveCodexInvocation(args);
+    this.spawnedViaCmd = invocation.spawnedViaCmd;
+    this.spawnedDetached = process.platform !== "win32";
+    const proc = spawn(invocation.cmd, invocation.args, {
+      stdio,
+      env,
+      detached: this.spawnedDetached,
+      windowsHide: process.platform === "win32"
+    });
+    this.process = proc;
+    proc.stdout.on("data", (chunk) => this.onData(chunk));
+    proc.stderr.on("data", (chunk) => {
+      console.error(`[app-server stderr] ${chunk.toString().trimEnd()}`);
+    });
+    proc.stdin?.on("drain", () => this.flushWriteQueue());
+    proc.stdin?.on("error", (err) => {
+      this.lastFailure = err instanceof Error ? err : new Error(String(err));
+      this.failAllPending(this.lastFailure);
+    });
+    proc.stdin?.on("close", () => {
+      this.lastFailure ??= new Error("app-server stdin closed");
+      this.failAllPending(this.lastFailure);
+    });
+    proc.on("exit", (code, signal) => {
+      this.lastFailure ??= new Error(
+        `app-server exited (code: ${code}, signal: ${signal ?? "null"})`
+      );
+      this.failAllPending(this.lastFailure);
+      if (!this._destroyed) {
+        this.emit("exit", code, signal);
+      }
+    });
+    proc.on("error", (err) => {
+      this.lastFailure = err instanceof Error ? err : new Error(String(err));
+      this.failAllPending(this.lastFailure);
+      this.emit("error", err);
+    });
+    const result = await this.request(Methods.INITIALIZE, {
+      clientInfo: { name: "codex-mcp", version: CLIENT_VERSION }
+    });
+    return result;
+  }
+  /**
+   * Register handler for server notifications.
+   */
+  onNotification(handler) {
+    this.notificationHandler = handler;
+  }
+  /**
+   * Register handler for server-initiated requests (approvals, user input, etc.).
+   */
+  onServerRequest(handler) {
+    this.serverRequestHandler = handler;
+  }
+  /**
+   * Send a JSON-RPC response to a server-initiated request.
+   */
+  respondToServer(id, result) {
+    try {
+      this.send({ jsonrpc: "2.0", id, result });
+    } catch (err) {
+      console.error(
+        `[app-server] Failed to send JSON-RPC response for server request id=${String(id)}: ${err instanceof Error ? err.message : String(err)}`
+      );
+    }
+  }
+  /**
+   * Send a JSON-RPC error response to a server-initiated request.
+   */
+  respondErrorToServer(id, code, message) {
+    try {
+      this.send({ jsonrpc: "2.0", id, error: { code, message } });
+    } catch (err) {
+      console.error(
+        `[app-server] Failed to send JSON-RPC error response for server request id=${String(id)}: ${err instanceof Error ? err.message : String(err)}`
+      );
+    }
+  }
+  // ── High-level protocol methods ────────────────────────────────
+  async threadStart(params, timeout = STARTUP_REQUEST_TIMEOUT) {
+    return this.request(Methods.THREAD_START, params, timeout);
+  }
+  async threadFork(params) {
+    return this.request(Methods.THREAD_FORK, params);
+  }
+  async threadResume(params) {
+    return this.request(Methods.THREAD_RESUME, params);
+  }
+  async turnStart(params, timeout = STARTUP_REQUEST_TIMEOUT) {
+    return this.request(Methods.TURN_START, params, timeout);
+  }
+  async turnInterrupt(params) {
+    await this.request(Methods.TURN_INTERRUPT, params);
+  }
+  // ── Low-level JSON-RPC ─────────────────────────────────────────
+  request(method, params, timeout = DEFAULT_REQUEST_TIMEOUT) {
+    return new Promise((resolve, reject) => {
+      if (this._destroyed) {
+        reject(new Error("Client destroyed"));
+        return;
+      }
+      if (!this.process?.stdin?.writable) {
+        reject(this.lastFailure ?? new Error("app-server is not running (stdin not writable)"));
+        return;
+      }
+      const id = this.nextId++;
+      const timer = setTimeout(() => {
+        this.pending.delete(id);
+        reject(new Error(`Request ${method} timed out after ${timeout}ms`));
+      }, timeout);
+      if (timer.unref) timer.unref();
+      this.pending.set(id, {
+        resolve,
+        reject,
+        timer
+      });
+      try {
+        this.send({ jsonrpc: "2.0", id, method, params });
+      } catch (err) {
+        const pending = this.pending.get(id);
+        if (pending) {
+          this.pending.delete(id);
+          clearTimeout(pending.timer);
+        }
+        reject(err instanceof Error ? err : new Error(String(err)));
+      }
+    });
+  }
+  send(msg) {
+    if (!this.process?.stdin) throw new Error("app-server process not started");
+    if (!this.process.stdin.writable) throw new Error("app-server stdin not writable");
+    const payload = JSON.stringify(msg) + "\n";
+    this.enqueueWrite(payload);
+  }
+  onData(chunk) {
+    this.buffer += this.decoder.write(chunk);
+    const lines = this.buffer.split("\n");
+    this.buffer = lines.pop() ?? "";
+    for (const line of lines) {
+      const trimmed = line.trim();
+      if (!trimmed) continue;
+      if (trimmed[0] !== "{" && trimmed[0] !== "[") {
+        continue;
+      }
+      try {
+        const parsed = JSON.parse(trimmed);
+        if (Array.isArray(parsed)) {
+          for (const item of parsed) {
+            if (item && typeof item === "object") {
+              this.handleMessage(item);
+            }
+          }
+        } else if (parsed && typeof parsed === "object") {
+          this.handleMessage(parsed);
+        }
+      } catch {
+        const error = new Error(
+          `Error [${"PROTOCOL_PARSE_ERROR" /* PROTOCOL_PARSE_ERROR */}]: app-server protocol error: failed to parse JSON line: ${trimmed.slice(0, 200)}`
+        );
+        console.error(`[app-server] ${error.message}`);
+        this.lastFailure ??= error;
+        this.failAllPending(error);
+        try {
+          this.terminate("SIGTERM");
+        } catch (terminateErr) {
+          console.error(
+            `[app-server] Failed to terminate app-server after protocol parse error: ${terminateErr instanceof Error ? terminateErr.message : String(terminateErr)}`
+          );
+        }
+      }
+    }
+  }
+  enqueueWrite(payload) {
+    if (!this.process?.stdin?.writable) throw new Error("app-server stdin not writable");
+    if (this.backpressure || this.writeQueue.length > 0) {
+      if (this.queuedBytes + payload.length > MAX_WRITE_QUEUE_BYTES) {
+        const error = new Error(
+          `Error [${"WRITE_QUEUE_DROPPED" /* WRITE_QUEUE_DROPPED */}]: app-server stdin backpressure: write queue exceeded limit`
+        );
+        this.lastFailure = error;
+        this.failAllPending(error);
+        this.writeQueue = [];
+        this.queuedBytes = 0;
+        try {
+          this.terminate("SIGTERM");
+        } catch (terminateErr) {
+          console.error(
+            `[app-server] Failed to terminate app-server after write queue overflow: ${terminateErr instanceof Error ? terminateErr.message : String(terminateErr)}`
+          );
+        }
+        throw error;
+      }
+      this.writeQueue.push(payload);
+      this.queuedBytes += payload.length;
+      return;
+    }
+    try {
+      const ok = this.process.stdin.write(payload);
+      if (!ok) this.backpressure = true;
+    } catch (err) {
+      const error = err instanceof Error ? err : new Error(String(err));
+      this.lastFailure = error;
+      this.failAllPending(error);
+      throw error;
+    }
+  }
+  flushWriteQueue() {
+    if (!this.process?.stdin?.writable) {
+      const dropped = this.dropQueuedWrites("stdin is not writable while flushing");
+      if (dropped) {
+        try {
+          this.terminate("SIGTERM");
+        } catch (terminateErr) {
+          console.error(
+            `[app-server] Failed to terminate app-server after dropping queued writes: ${terminateErr instanceof Error ? terminateErr.message : String(terminateErr)}`
+          );
+        }
+      }
+      return;
+    }
+    this.backpressure = false;
+    while (this.writeQueue.length > 0 && !this.backpressure) {
+      const next = this.writeQueue.shift();
+      this.queuedBytes -= next.length;
+      try {
+        const ok = this.process.stdin.write(next);
+        if (!ok) this.backpressure = true;
+      } catch (err) {
+        const error = err instanceof Error ? err : new Error(String(err));
+        this.lastFailure = error;
+        this.failAllPending(error);
+        this.writeQueue = [];
+        this.queuedBytes = 0;
+        return;
+      }
+    }
+  }
+  dropQueuedWrites(reason) {
+    if (this.writeQueue.length === 0) return false;
+    const error = new Error(`Error [${"WRITE_QUEUE_DROPPED" /* WRITE_QUEUE_DROPPED */}]: ${reason}`);
+    console.error(
+      `[app-server] Dropping ${this.writeQueue.length} queued writes (${this.queuedBytes} bytes): ${reason}`
+    );
+    this.lastFailure = error;
+    this.failAllPending(error);
+    this.writeQueue = [];
+    this.queuedBytes = 0;
+    return true;
+  }
+  handleMessage(msg) {
+    if ("id" in msg && ("result" in msg || "error" in msg)) {
+      const resp = msg;
+      const pending = this.pending.get(resp.id);
+      if (pending) {
+        this.pending.delete(resp.id);
+        clearTimeout(pending.timer);
+        if (resp.error) {
+          pending.reject(new Error(`RPC error ${resp.error.code}: ${resp.error.message}`));
+        } else {
+          pending.resolve(resp.result);
+        }
+      }
+      return;
+    }
+    if ("id" in msg && "method" in msg) {
+      const req = msg;
+      if (this.serverRequestHandler) {
+        this.serverRequestHandler(req.id, req.method, req.params);
+      } else {
+        this.respondErrorToServer(req.id, -32601, `Method not handled: ${req.method}`);
+      }
+      return;
+    }
+    if ("method" in msg && !("id" in msg)) {
+      const notif = msg;
+      if (this.notificationHandler) {
+        this.notificationHandler(notif.method, notif.params);
+      }
+      return;
+    }
+  }
+  failAllPending(error) {
+    if (this.pending.size === 0) return;
+    const entries = Array.from(this.pending.entries());
+    this.pending.clear();
+    for (const [, pending] of entries) {
+      clearTimeout(pending.timer);
+      pending.reject(error);
+    }
+  }
+  /**
+   * Gracefully destroy the client and kill the subprocess.
+   */
+  async destroy() {
+    if (this._destroyed) return;
+    this._destroyed = true;
+    this.failAllPending(new Error("Client destroyed"));
+    if (this.process && !this.process.killed) {
+      const alreadyExited = this.process.exitCode !== null;
+      this.process.stdin?.end();
+      this.terminate("SIGTERM");
+      const forceKill = setTimeout(() => {
+        if (this.process && !this.process.killed) {
+          if (process.platform === "win32" && this.process.pid) {
+            try {
+              spawn("taskkill", ["/PID", String(this.process.pid), "/T", "/F"], {
+                stdio: "ignore",
+                windowsHide: true
+              });
+            } catch (err) {
+              console.error(
+                `[app-server] Failed to force-kill app-server via taskkill: ${err instanceof Error ? err.message : String(err)}`
+              );
+            }
+          } else {
+            this.terminate("SIGKILL");
+          }
+        }
+      }, 5e3);
+      forceKill.unref();
+      if (!alreadyExited) {
+        await new Promise((resolve) => {
+          this.process.on("exit", () => {
+            clearTimeout(forceKill);
+            resolve();
+          });
+          const fallback = setTimeout(resolve, 6e3);
+          fallback.unref();
+        });
+      }
+    }
+    this.process = null;
+    this.removeAllListeners();
+  }
+  terminate(signal) {
+    if (!this.process) return;
+    if (process.platform !== "win32" && this.spawnedDetached && this.process.pid) {
+      try {
+        process.kill(-this.process.pid, signal);
+        return;
+      } catch (err) {
+        console.error(
+          `[app-server] Failed to kill detached process group with ${signal}, falling back to direct kill: ${err instanceof Error ? err.message : String(err)}`
+        );
+      }
+    }
+    try {
+      this.process.kill(signal);
+    } catch (err) {
+      console.error(
+        `[app-server] Failed to send ${signal} to app-server process: ${err instanceof Error ? err.message : String(err)}`
+      );
+    }
+  }
+};
+
+// src/utils/cwd.ts
+import { existsSync as existsSync2, statSync } from "fs";
+import path2 from "path";
+function resolveAndValidateCwd(inputCwd, baseCwd) {
+  const candidate = inputCwd ?? baseCwd;
+  const resolved = path2.isAbsolute(candidate) ? candidate : path2.resolve(baseCwd, candidate);
+  if (!existsSync2(resolved)) {
+    throw new Error(`Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: cwd does not exist: ${resolved}`);
+  }
+  try {
+    const stat = statSync(resolved);
+    if (!stat.isDirectory()) {
+      throw new Error(`Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: cwd is not a directory: ${resolved}`);
+    }
+  } catch (err) {
+    if (err instanceof Error && err.message.includes(`Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]`)) {
+      throw err;
+    }
+    throw new Error(`Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: cannot access cwd: ${resolved}`);
+  }
+  return resolved;
+}
+
+// src/utils/redact.ts
+function redactPaths(message) {
+  const uncPath = /(^|[\s'"(])\\\\[^\s\\/:]+\\[^\s:]+(?:\\[^\s:]+)*/g;
+  const windowsPath = /\b[A-Za-z]:\\[^\s:]+/g;
+  const posixPath = /(^|[\s'"(])\/[^\s:'")]+/g;
+  return message.replace(uncPath, (_m, prefix) => `${prefix}<path>`).replace(windowsPath, "<path>").replace(posixPath, (_m, prefix) => `${prefix}<path>`);
+}
+
+// src/utils/files.ts
+import { existsSync as existsSync3, statSync as statSync2 } from "fs";
+import path3 from "path";
+function resolveAndValidateFilePath(inputPath, baseDir, label = "path") {
+  const resolved = path3.isAbsolute(inputPath) ? inputPath : path3.resolve(baseDir, inputPath);
+  if (!existsSync3(resolved)) {
+    throw new Error(`Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: ${label} does not exist: ${resolved}`);
+  }
+  try {
+    const stat = statSync2(resolved);
+    if (!stat.isFile()) {
+      throw new Error(`Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: ${label} is not a file: ${resolved}`);
+    }
+  } catch (err) {
+    if (err instanceof Error && err.message.includes(`Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]`)) {
+      throw err;
+    }
+    throw new Error(`Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: cannot access ${label}: ${resolved}`);
+  }
+  return resolved;
+}
+
+// src/session/manager.ts
+var COALESCED_PROGRESS_DELTA_METHODS = /* @__PURE__ */ new Set([
+  Methods.COMMAND_OUTPUT_DELTA,
+  Methods.FILE_CHANGE_OUTPUT_DELTA,
+  Methods.REASONING_TEXT_DELTA,
+  Methods.REASONING_SUMMARY_DELTA
+]);
+var MAX_COALESCED_DELTA_CHARS = 16384;
+var NOISE_FILTER_ENABLED = process.env.CODEX_MCP_DISABLE_NOISE_FILTER !== "1";
+var WINDOWS_TERMINAL_INTEGRATION_PREFIX = `${String.fromCharCode(27)}]633;`;
+var SHELL_NOISE_LINE_PATTERNS = [
+  // oh-my-posh migration / update prompts
+  /oh-my-posh/i,
+  // PSReadLine configuration errors
+  /PSReadLine/i,
+  /Set-PSReadLineOption/i,
+  // PowerShell module auto-import warnings
+  /^WARNING:\s/,
+  // PowerShell profile loading messages
+  /Loading personal and system profiles/i,
+  // conda/mamba init noise that leaks through profiles
+  /^(\(base\)|\(conda\))/,
+  // Common "new version available" nag lines from profile tools
+  /A new version of .+ is available/i
+];
+function stripShellNoise(delta) {
+  if (!NOISE_FILTER_ENABLED) return delta;
+  const lines = delta.split("\n");
+  const cleaned = lines.filter(
+    (line) => !line.includes(WINDOWS_TERMINAL_INTEGRATION_PREFIX) && !SHELL_NOISE_LINE_PATTERNS.some((re) => re.test(line))
+  );
+  if (cleaned.length === 0) return "";
+  return cleaned.join("\n");
+}
+var SessionManager = class {
+  sessions = /* @__PURE__ */ new Map();
+  clients = /* @__PURE__ */ new Map();
+  cancellationInFlight = /* @__PURE__ */ new Map();
+  cleanupTimer = null;
+  createClient;
+  constructor(options = {}) {
+    this.createClient = options.createClient ?? (() => new AppServerClient());
+    if (!options.disableCleanup) {
+      this.cleanupTimer = setInterval(() => this.cleanupSessions(), CLEANUP_INTERVAL_MS);
+      if (this.cleanupTimer.unref) this.cleanupTimer.unref();
+    }
+  }
+  // ── Session Creation ─────────────────────────────────────────────
+  async createSession(prompt, cwd, spawnOpts, effort, advanced) {
+    const sessionId = `sess_${randomUUID().slice(0, 12)}`;
+    const client = this.createClient();
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const approvalTimeoutMs = advanced?.approvalTimeoutMs ?? DEFAULT_APPROVAL_TIMEOUT_MS;
+    const resolvedImages = advanced?.images ? advanced.images.map((p) => resolveAndValidateFilePath(p, cwd, "image")) : void 0;
+    const session = {
+      sessionId,
+      status: "running",
+      lastEventCursor: 0,
+      createdAt: now,
+      lastActiveAt: now,
+      approvalTimeoutMs,
+      cwd,
+      model: spawnOpts.model,
+      profile: spawnOpts.profile,
+      approvalPolicy: spawnOpts.approvalPolicy,
+      sandbox: spawnOpts.sandbox,
+      config: spawnOpts.config,
+      eventBuffer: createEventBuffer(),
+      pendingRequests: /* @__PURE__ */ new Map()
+    };
+    this.sessions.set(sessionId, session);
+    this.clients.set(sessionId, client);
+    try {
+      this.registerHandlers(sessionId, client, approvalTimeoutMs);
+      await client.start(spawnOpts);
+      const threadStartResult = await client.threadStart({
+        cwd,
+        model: spawnOpts.model,
+        approvalPolicy: spawnOpts.approvalPolicy,
+        sandbox: spawnOpts.sandbox,
+        personality: advanced?.personality,
+        ephemeral: advanced?.ephemeral,
+        baseInstructions: advanced?.baseInstructions,
+        developerInstructions: advanced?.developerInstructions,
+        config: advanced?.config
+      });
+      const threadId = extractThreadId(threadStartResult);
+      session.threadId = threadId;
+      const input = [{ type: "text", text: prompt }];
+      if (resolvedImages) {
+        for (const imagePath of resolvedImages) {
+          input.push({ type: "localImage", path: imagePath });
+        }
+      }
+      const turnStartResult = await client.turnStart({
+        threadId,
+        input,
+        effort,
+        summary: advanced?.summary,
+        outputSchema: advanced?.outputSchema
+      });
+      const startedTurnId = extractTurnId(turnStartResult);
+      if (startedTurnId) session.activeTurnId = startedTurnId;
+      return {
+        sessionId,
+        threadId,
+        status: "running",
+        pollInterval: DEFAULT_POLL_INTERVAL
+      };
+    } catch (err) {
+      session.status = "error";
+      pushEvent(session.eventBuffer, "error", {
+        message: redactPaths(err instanceof Error ? err.message : String(err))
+      });
+      await client.destroy();
+      this.clients.delete(sessionId);
+      this.sessions.delete(sessionId);
+      throw err;
+    }
+  }
+  // ── Session Reply ────────────────────────────────────────────────
+  async replyToSession(sessionId, prompt, overrides) {
+    const session = this.getSessionOrThrow(sessionId);
+    const client = this.getClientOrThrow(sessionId);
+    if (session.status === "cancelled") {
+      throw new Error(
+        `Error [${"CANCELLED" /* CANCELLED */}]: Session '${sessionId}' has been cancelled and cannot be resumed`
+      );
+    }
+    if (session.status !== "idle" && session.status !== "error") {
+      throw new Error(
+        `Error [${"SESSION_BUSY" /* SESSION_BUSY */}]: Session '${sessionId}' is ${session.status}, expected idle or error`
+      );
+    }
+    if (!session.threadId) {
+      throw new Error(
+        `Error [${"INTERNAL" /* INTERNAL */}]: Session '${sessionId}' has no threadId, cannot reply`
+      );
+    }
+    clearTerminalEvents(session.eventBuffer);
+    session.status = "running";
+    session.lastActiveAt = (/* @__PURE__ */ new Date()).toISOString();
+    const input = [{ type: "text", text: prompt }];
+    const resolvedCwd = overrides?.cwd ? resolveAndValidateCwd(overrides.cwd, session.cwd) : void 0;
+    const turnParams = {
+      threadId: session.threadId,
+      input,
+      model: overrides?.model,
+      approvalPolicy: overrides?.approvalPolicy,
+      effort: overrides?.effort,
+      summary: overrides?.summary,
+      personality: overrides?.personality,
+      cwd: resolvedCwd,
+      outputSchema: overrides?.outputSchema
+    };
+    if (overrides?.sandbox) {
+      turnParams.sandboxPolicy = toSandboxPolicy(overrides.sandbox);
+    }
+    try {
+      const turnStartResult = await client.turnStart(turnParams);
+      const startedTurnId = extractTurnId(turnStartResult);
+      if (startedTurnId) session.activeTurnId = startedTurnId;
+      if (resolvedCwd) session.cwd = resolvedCwd;
+      if (overrides?.model) session.model = overrides.model;
+      if (overrides?.approvalPolicy) {
+        session.approvalPolicy = overrides.approvalPolicy;
+      }
+      if (overrides?.sandbox) {
+        session.sandbox = overrides.sandbox;
+      }
+    } catch (err) {
+      session.status = "error";
+      pushEvent(session.eventBuffer, "error", {
+        message: redactPaths(
+          `Failed to start turn: ${err instanceof Error ? err.message : String(err)}`
+        )
+      });
+      throw err;
+    }
+    return {
+      sessionId,
+      threadId: session.threadId,
+      status: "running",
+      pollInterval: DEFAULT_POLL_INTERVAL
+    };
+  }
+  // ── Session Management ───────────────────────────────────────────
+  listSessions() {
+    return Array.from(this.sessions.values()).map(toPublicInfo);
+  }
+  /**
+   * Count currently active sessions for lightweight runtime observability.
+   * "Active" here means the session can still be interacted with.
+   */
+  getActiveSessionCount() {
+    let count = 0;
+    for (const session of this.sessions.values()) {
+      if (session.status === "running" || session.status === "waiting_approval" || session.status === "idle") {
+        count++;
+      }
+    }
+    return count;
+  }
+  /**
+   * Best-effort effective default model observed from recent sessions.
+   * Returns null when no model can be inferred from in-memory state.
+   */
+  getObservedDefaultModel() {
+    let latestModel = null;
+    let latestTs = Number.NEGATIVE_INFINITY;
+    for (const session of this.sessions.values()) {
+      if (session.status === "cancelled") continue;
+      if (typeof session.model !== "string" || session.model.length === 0) continue;
+      const ts = Date.parse(session.lastActiveAt);
+      const comparableTs = Number.isFinite(ts) ? ts : Number.NEGATIVE_INFINITY;
+      if (comparableTs >= latestTs) {
+        latestTs = comparableTs;
+        latestModel = session.model;
+      }
+    }
+    return latestModel;
+  }
+  getSession(sessionId, includeSensitive = false) {
+    const session = this.getSessionOrThrow(sessionId);
+    return includeSensitive ? toSensitiveInfo(session) : toPublicInfo(session);
+  }
+  async cancelSession(sessionId, reason) {
+    const existing = this.cancellationInFlight.get(sessionId);
+    if (existing) {
+      await existing;
+      return;
+    }
+    const cancellation = this.performCancelSession(sessionId, reason);
+    this.cancellationInFlight.set(sessionId, cancellation);
+    try {
+      await cancellation;
+    } finally {
+      this.cancellationInFlight.delete(sessionId);
+    }
+  }
+  async performCancelSession(sessionId, reason) {
+    const session = this.getSessionOrThrow(sessionId);
+    if (session.status === "cancelled") return;
+    const client = this.clients.get(sessionId);
+    session.status = "cancelled";
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    session.cancelledAt = now;
+    session.lastActiveAt = now;
+    session.cancelledReason = reason ?? "Cancelled by user";
+    for (const [reqId, req] of session.pendingRequests) {
+      if (req.timeoutHandle) clearTimeout(req.timeoutHandle);
+      if (!req.resolved && req.respond) {
+        req.resolved = true;
+        try {
+          if (req.kind === "command") req.respond({ decision: "cancel" });
+          else if (req.kind === "fileChange") req.respond({ decision: "cancel" });
+          else if (req.kind === "user_input") req.respond({ answers: {} });
+        } catch (err) {
+          console.error(
+            `[codex-mcp] Failed to respond pending request during cancel: session=${sessionId} request=${reqId} kind=${req.kind} error=${err instanceof Error ? err.message : String(err)}`
+          );
+        }
+      }
+      session.pendingRequests.delete(reqId);
+    }
+    pushEvent(
+      session.eventBuffer,
+      "progress",
+      { message: "Session cancelled", cancelledReason: session.cancelledReason },
+      true
+    );
+    const cancelledTurnId = session.activeTurnId ?? "";
+    session.activeTurnId = void 0;
+    session.lastResult = {
+      turnId: cancelledTurnId,
+      status: "cancelled",
+      error: session.cancelledReason,
+      completedAt: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    pushEvent(
+      session.eventBuffer,
+      "result",
+      { status: "cancelled", reason: session.cancelledReason, turnId: cancelledTurnId },
+      true
+    );
+    if (client) {
+      await client.destroy();
+      this.clients.delete(sessionId);
+    }
+  }
+  async interruptSession(sessionId) {
+    const session = this.getSessionOrThrow(sessionId);
+    const client = this.getClientOrThrow(sessionId);
+    if (session.status !== "running" && session.status !== "waiting_approval") {
+      throw new Error(
+        `Error [${"SESSION_NOT_RUNNING" /* SESSION_NOT_RUNNING */}]: Cannot interrupt session in ${session.status} state`
+      );
+    }
+    if (!session.threadId || !session.activeTurnId) {
+      throw new Error(
+        `Error [${"INTERNAL" /* INTERNAL */}]: Missing threadId or activeTurnId for interrupt`
+      );
+    }
+    await client.turnInterrupt({
+      threadId: session.threadId,
+      turnId: session.activeTurnId
+    });
+  }
+  async forkSession(sessionId) {
+    const session = this.getSessionOrThrow(sessionId);
+    const originalClient = this.getClientOrThrow(sessionId);
+    if (!session.threadId) {
+      throw new Error(`Error [${"INTERNAL" /* INTERNAL */}]: No threadId to fork`);
+    }
+    const forkResult = await originalClient.threadFork({ threadId: session.threadId });
+    const forkedThreadId = extractThreadId(forkResult);
+    const newSessionId = `sess_${randomUUID().slice(0, 12)}`;
+    const newClient = this.createClient();
+    const now = (/* @__PURE__ */ new Date()).toISOString();
+    const newSession = {
+      sessionId: newSessionId,
+      status: "idle",
+      lastEventCursor: 0,
+      createdAt: now,
+      lastActiveAt: now,
+      approvalTimeoutMs: session.approvalTimeoutMs,
+      cwd: session.cwd,
+      model: session.model,
+      profile: session.profile,
+      approvalPolicy: session.approvalPolicy,
+      sandbox: session.sandbox,
+      config: session.config,
+      eventBuffer: createEventBuffer(),
+      pendingRequests: /* @__PURE__ */ new Map()
+    };
+    this.sessions.set(newSessionId, newSession);
+    this.clients.set(newSessionId, newClient);
+    try {
+      this.registerHandlers(newSessionId, newClient, newSession.approvalTimeoutMs);
+      await newClient.start({
+        profile: session.profile,
+        model: session.model,
+        approvalPolicy: session.approvalPolicy,
+        sandbox: session.sandbox,
+        config: session.config
+      });
+      await newClient.threadResume({ threadId: forkedThreadId });
+      newSession.threadId = forkedThreadId;
+      return {
+        sessionId: newSessionId,
+        threadId: forkedThreadId,
+        status: "idle",
+        pollInterval: DEFAULT_POLL_INTERVAL
+      };
+    } catch (err) {
+      const errorMessage = redactPaths(err instanceof Error ? err.message : String(err));
+      console.error(
+        `[codex-mcp] forkSession failed after thread/fork created thread=${forkedThreadId}. The app-server protocol does not currently expose a guaranteed thread-delete RPC, so manual cleanup may be required.`
+      );
+      newSession.status = "error";
+      try {
+        await newClient.destroy();
+      } catch (destroyErr) {
+        console.error(
+          `[codex-mcp] Failed to destroy forked app-server client after resume failure: session=${newSessionId} error=${destroyErr instanceof Error ? destroyErr.message : String(destroyErr)}`
+        );
+      }
+      this.clients.delete(newSessionId);
+      this.sessions.delete(newSessionId);
+      throw new Error(
+        `Error [${"THREAD_FORK_RESUME_FAILED" /* THREAD_FORK_RESUME_FAILED */}]: Failed to resume forked thread '${forkedThreadId}' in new app-server process: ${errorMessage}`
+      );
+    }
+  }
+  // ── Event Polling ────────────────────────────────────────────────
+  pollEvents(sessionId, cursor, maxEvents = DEFAULT_MAX_EVENTS, options = {}) {
+    const session = this.getSessionOrThrow(sessionId);
+    const buf = session.eventBuffer;
+    const responseMode = options.responseMode ?? "full";
+    const pollOptions = options.pollOptions;
+    const includeEvents = pollOptions?.includeEvents ?? true;
+    const includeActions = pollOptions?.includeActions ?? true;
+    const includeResult = pollOptions?.includeResult ?? true;
+    const maxBytes = pollOptions?.maxBytes;
+    const effectiveCursor = cursor ?? session.lastEventCursor;
+    let events = includeEvents ? buf.events.filter((e) => e.id >= effectiveCursor) : [];
+    let cursorResetTo;
+    if (includeEvents && buf.events.length > 0) {
+      const earliest = buf.events[0].id;
+      if (earliest > effectiveCursor) {
+        cursorResetTo = earliest;
+        events = buf.events;
+      }
+    }
+    const cursorFloor = cursorResetTo ?? effectiveCursor;
+    if (events.length > maxEvents) {
+      events = events.slice(0, maxEvents);
+    }
+    let nextCursor = clampCursorToLatest(
+      events.length > 0 ? events[events.length - 1].id + 1 : cursorFloor,
+      buf.nextId
+    );
+    const actions = [];
+    if (includeActions) {
+      for (const [, req] of session.pendingRequests) {
+        if (!req.resolved) {
+          actions.push({
+            type: req.kind === "user_input" ? "user_input" : "approval",
+            requestId: req.requestId,
+            kind: req.kind,
+            params: req.params,
+            itemId: req.itemId,
+            reason: req.reason,
+            createdAt: req.createdAt
+          });
+        }
+      }
+    }
+    const result = {
+      sessionId,
+      status: session.status,
+      pollInterval: pollIntervalForStatus(session.status),
+      events: events.map((event) => serializeEventForMode(event, responseMode)),
+      nextCursor,
+      cursorResetTo,
+      actions: actions.length > 0 ? actions : void 0,
+      result: includeResult && (session.status === "idle" || session.status === "error" || session.status === "cancelled") ? session.lastResult : void 0
+    };
+    if (pollOptions?.includeTools === true) {
+      addCompatWarningWithinBudget(
+        result,
+        "pollOptions.includeTools is not yet supported by codex-mcp; returning no tool metadata.",
+        maxBytes
+      );
+    }
+    if (typeof maxBytes === "number") {
+      const normalizedMaxBytes = Math.max(1, Math.floor(maxBytes));
+      const hasAnyPayload = result.events.length > 0 || typeof result.actions !== "undefined" || typeof result.result !== "undefined";
+      if (hasAnyPayload && payloadByteSize(result) > normalizedMaxBytes) {
+        const truncatedFields = [];
+        if (result.events.length > 0) {
+          while (result.events.length > 0 && payloadByteSize(result) > normalizedMaxBytes) {
+            result.events.pop();
+          }
+          nextCursor = clampCursorToLatest(
+            result.events.length > 0 ? result.events[result.events.length - 1].id + 1 : cursorFloor,
+            buf.nextId
+          );
+          result.nextCursor = nextCursor;
+          truncatedFields.push("events");
+        }
+        if (typeof result.result !== "undefined" && payloadByteSize(result) > normalizedMaxBytes) {
+          result.result = void 0;
+          truncatedFields.push("result");
+        }
+        if (typeof result.actions !== "undefined" && payloadByteSize(result) > normalizedMaxBytes) {
+          if (session.status === "waiting_approval") {
+            result.actions = compactActionsForBudget(result.actions);
+            while (result.actions.length > 1 && payloadByteSize(result) > normalizedMaxBytes) {
+              result.actions.pop();
+            }
+            truncatedFields.push("actions");
+          }
+          if (typeof result.actions !== "undefined" && payloadByteSize(result) > normalizedMaxBytes) {
+            result.actions = void 0;
+            truncatedFields.push("actions");
+          }
+        }
+        if (truncatedFields.length > 0) {
+          result.truncated = true;
+          result.truncatedFields = Array.from(new Set(truncatedFields));
+          addCompatWarningWithinBudget(
+            result,
+            `Response truncated to respect pollOptions.maxBytes=${normalizedMaxBytes}.`,
+            maxBytes
+          );
+        }
+      }
+    }
+    if (includeEvents) {
+      session.lastEventCursor = persistMonotonicCursor(
+        session.lastEventCursor,
+        result.nextCursor,
+        buf.nextId
+      );
+    }
+    return result;
+  }
+  /**
+   * Monotonic polling helper for respond_* flows.
+   * Uses max(providedCursor, session.lastEventCursor) to avoid replaying
+   * already-consumed history when clients send stale/default cursors.
+   */
+  pollEventsMonotonic(sessionId, cursor, maxEvents = DEFAULT_MAX_EVENTS, options = {}) {
+    const session = this.getSessionOrThrow(sessionId);
+    const sessionCursor = session.lastEventCursor;
+    const staleCursor = typeof cursor === "number" && cursor < sessionCursor;
+    const effectiveCursor = typeof cursor === "number" ? Math.max(cursor, sessionCursor) : void 0;
+    const result = this.pollEvents(sessionId, effectiveCursor, maxEvents, options);
+    if (staleCursor) {
+      addCompatWarningWithinBudget(
+        result,
+        `Provided cursor ${cursor} is stale; used session cursor ${sessionCursor}.`,
+        options.pollOptions?.maxBytes
+      );
+    }
+    return result;
+  }
+  // ── Approval Response ────────────────────────────────────────────
+  resolveApproval(sessionId, requestId, decision, extra) {
+    const session = this.getSessionOrThrow(sessionId);
+    const req = session.pendingRequests.get(requestId);
+    if (!req || req.resolved) {
+      throw new Error(
+        `Error [${"REQUEST_NOT_FOUND" /* REQUEST_NOT_FOUND */}]: Request '${requestId}' not found or already resolved`
+      );
+    }
+    if (req.kind === "command") {
+      if (!COMMAND_DECISIONS.includes(decision)) {
+        throw new Error(
+          `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: Invalid command decision '${decision}'`
+        );
+      }
+      if (decision === "acceptWithExecpolicyAmendment" && (!extra?.execpolicyAmendment || extra.execpolicyAmendment.length === 0)) {
+        throw new Error(
+          `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: execpolicyAmendment required for acceptWithExecpolicyAmendment`
+        );
+      }
+    } else if (req.kind === "fileChange") {
+      if (!FILE_CHANGE_DECISIONS.includes(decision)) {
+        throw new Error(
+          `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: Invalid fileChange decision '${decision}'`
+        );
+      }
+    } else {
+      throw new Error(
+        `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: Request '${requestId}' is not an approval request`
+      );
+    }
+    let response;
+    if (req.kind === "command") {
+      response = buildCommandApprovalResponse(decision, extra?.execpolicyAmendment);
+    } else if (req.kind === "fileChange") {
+      response = { decision };
+    }
+    if (!response) {
+      throw new Error(
+        `Error [${"INTERNAL" /* INTERNAL */}]: Failed to build approval response for request '${requestId}'`
+      );
+    }
+    sendPendingRequestResponseOrThrow(req, response, sessionId, requestId);
+    req.resolved = true;
+    req.decision = decision;
+    if (req.timeoutHandle) clearTimeout(req.timeoutHandle);
+    pushEvent(
+      session.eventBuffer,
+      "approval_result",
+      {
+        requestId,
+        kind: req.kind,
+        decision,
+        denyMessage: extra?.denyMessage
+      },
+      true
+    );
+    session.pendingRequests.delete(requestId);
+    if (session.pendingRequests.size === 0 && session.status === "waiting_approval") {
+      session.status = "running";
+    }
+  }
+  // ── User Input Response ──────────────────────────────────────────
+  resolveUserInput(sessionId, requestId, answers) {
+    const session = this.getSessionOrThrow(sessionId);
+    const req = session.pendingRequests.get(requestId);
+    if (!req || req.resolved || req.kind !== "user_input") {
+      throw new Error(
+        `Error [${"REQUEST_NOT_FOUND" /* REQUEST_NOT_FOUND */}]: User input request '${requestId}' not found`
+      );
+    }
+    sendPendingRequestResponseOrThrow(
+      req,
+      { answers },
+      sessionId,
+      requestId
+    );
+    req.resolved = true;
+    if (req.timeoutHandle) clearTimeout(req.timeoutHandle);
+    pushEvent(
+      session.eventBuffer,
+      "approval_result",
+      {
+        requestId,
+        kind: "user_input",
+        answers
+      },
+      true
+    );
+    session.pendingRequests.delete(requestId);
+    if (session.pendingRequests.size === 0 && session.status === "waiting_approval") {
+      session.status = "running";
+    }
+  }
+  // ── Cleanup ──────────────────────────────────────────────────────
+  destroy() {
+    if (this.cleanupTimer) {
+      clearInterval(this.cleanupTimer);
+      this.cleanupTimer = null;
+    }
+    this.cancellationInFlight.clear();
+    for (const [, session] of this.sessions) {
+      clearSessionPendingRequests(session);
+    }
+    for (const [id, client] of this.clients) {
+      client.destroy().catch((err) => {
+        console.error(
+          `[codex-mcp] Failed to destroy app-server client during manager.destroy(): session=${id} error=${err instanceof Error ? err.message : String(err)}`
+        );
+      });
+      this.clients.delete(id);
+    }
+    this.sessions.clear();
+  }
+  // ── Private ──────────────────────────────────────────────────────
+  getSessionOrThrow(sessionId) {
+    const session = this.sessions.get(sessionId);
+    if (!session) {
+      throw new Error(`Error [${"SESSION_NOT_FOUND" /* SESSION_NOT_FOUND */}]: Session '${sessionId}' not found`);
+    }
+    return session;
+  }
+  getClientOrThrow(sessionId) {
+    const client = this.clients.get(sessionId);
+    if (!client) {
+      throw new Error(
+        `Error [${"SESSION_NOT_FOUND" /* SESSION_NOT_FOUND */}]: No client for session '${sessionId}'`
+      );
+    }
+    return client;
+  }
+  registerHandlers(sessionId, client, approvalTimeoutMs = DEFAULT_APPROVAL_TIMEOUT_MS) {
+    const session = this.sessions.get(sessionId);
+    client.onNotification((method, params) => {
+      session.lastActiveAt = (/* @__PURE__ */ new Date()).toISOString();
+      const p = params;
+      switch (method) {
+        case Methods.TURN_STARTED:
+          if (session.status === "cancelled") break;
+          session.activeTurnId = p.turn?.id ?? (typeof p.turnId === "string" ? p.turnId : void 0);
+          pushEvent(session.eventBuffer, "progress", { method, ...p });
+          break;
+        case Methods.TURN_COMPLETED: {
+          if (session.status === "cancelled") break;
+          const turnObj = p.turn;
+          const completedTurnId = (typeof p.turnId === "string" ? p.turnId : void 0) ?? turnObj?.id ?? session.activeTurnId ?? "";
+          session.status = "idle";
+          session.activeTurnId = void 0;
+          session.lastResult = {
+            turnId: completedTurnId,
+            output: turnObj?.output,
+            structuredOutput: turnObj?.structuredOutput,
+            turn: p.turn,
+            status: turnObj?.status,
+            turnError: turnObj?.error,
+            completedAt: (/* @__PURE__ */ new Date()).toISOString()
+          };
+          pushEvent(session.eventBuffer, "result", { method, ...p }, true);
+          break;
+        }
+        case Methods.ERROR: {
+          if (session.status === "cancelled") break;
+          const willRetry = p.willRetry;
+          if (!willRetry) {
+            session.status = "error";
+          }
+          {
+            const data = { method, ...p };
+            if (typeof data.message === "string") data.message = redactPaths(data.message);
+            if (typeof data.error === "string") data.error = redactPaths(data.error);
+            if (willRetry) {
+              pushEvent(
+                session.eventBuffer,
+                "progress",
+                {
+                  ...data,
+                  method: "codex-mcp/reconnect",
+                  sourceMethod: method,
+                  phase: "retrying"
+                },
+                true
+              );
+            } else {
+              pushEvent(session.eventBuffer, "error", data, true);
+            }
+          }
+          break;
+        }
+        case Methods.AGENT_MESSAGE_DELTA:
+          pushEvent(session.eventBuffer, "output", { method, delta: p.delta, itemId: p.itemId });
+          break;
+        case Methods.ITEM_COMPLETED:
+          {
+            const item = p.item;
+            const itemType = item && typeof item.type === "string" ? item.type : void 0;
+            const eventType = itemType === "agentMessage" || itemType === "userMessage" ? "output" : "progress";
+            pushEvent(session.eventBuffer, eventType, { method, item: p.item });
+          }
+          break;
+        case Methods.COMMAND_OUTPUT_DELTA: {
+          if (typeof p.delta === "string") {
+            const cleaned = stripShellNoise(p.delta);
+            if (cleaned.length === 0) break;
+            pushEvent(session.eventBuffer, "progress", { method, ...p, delta: cleaned });
+          } else {
+            pushEvent(session.eventBuffer, "progress", { method, ...p });
+          }
+          break;
+        }
+        case Methods.FILE_CHANGE_OUTPUT_DELTA:
+        case Methods.REASONING_TEXT_DELTA:
+        case Methods.REASONING_SUMMARY_DELTA:
+        case Methods.PLAN_DELTA:
+        case Methods.MCP_TOOL_PROGRESS:
+        case Methods.ITEM_STARTED:
+        case Methods.TURN_DIFF_UPDATED:
+        case Methods.TURN_PLAN_UPDATED:
+          pushEvent(session.eventBuffer, "progress", { method, ...p });
+          break;
+        default:
+          break;
+      }
+    });
+    client.onServerRequest((id, method, params) => {
+      if (session.status === "cancelled" || session.status === "error") {
+        respondToTerminalSessionRequest(client, id, method);
+        return;
+      }
+      session.lastActiveAt = (/* @__PURE__ */ new Date()).toISOString();
+      const p = params;
+      switch (method) {
+        case Methods.COMMAND_APPROVAL: {
+          const requestId = `req_${randomUUID().slice(0, 8)}`;
+          const reason = normalizeOptionalString(p.reason);
+          const pending = {
+            requestId,
+            kind: "command",
+            params,
+            itemId: p.itemId,
+            threadId: p.threadId,
+            turnId: p.turnId,
+            reason,
+            createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+            resolved: false,
+            respond: (result) => client.respondToServer(id, result)
+          };
+          pending.timeoutHandle = createUnrefTimeout(() => {
+            if (!pending.resolved) {
+              pending.resolved = true;
+              pending.decision = "decline";
+              try {
+                client.respondToServer(id, { decision: "decline" });
+              } catch (err) {
+                console.error(
+                  `[codex-mcp] Failed to auto-decline command approval timeout: session=${sessionId} request=${requestId} error=${err instanceof Error ? err.message : String(err)}`
+                );
+              }
+              pushEvent(
+                session.eventBuffer,
+                "approval_result",
+                {
+                  requestId,
+                  kind: "command",
+                  decision: "decline",
+                  timeout: true
+                },
+                true
+              );
+              session.pendingRequests.delete(requestId);
+              if (session.pendingRequests.size === 0 && session.status === "waiting_approval") {
+                session.status = "running";
+              }
+            }
+          }, approvalTimeoutMs);
+          session.pendingRequests.set(requestId, pending);
+          session.status = "waiting_approval";
+          pushEvent(
+            session.eventBuffer,
+            "approval_request",
+            {
+              requestId,
+              kind: "command",
+              command: p.command,
+              cwd: p.cwd,
+              reason
+            },
+            true
+          );
+          break;
+        }
+        case Methods.FILE_CHANGE_APPROVAL: {
+          const requestId = `req_${randomUUID().slice(0, 8)}`;
+          const reason = normalizeOptionalString(p.reason);
+          const pending = {
+            requestId,
+            kind: "fileChange",
+            params,
+            itemId: p.itemId,
+            threadId: p.threadId,
+            turnId: p.turnId,
+            reason,
+            createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+            resolved: false,
+            respond: (result) => client.respondToServer(id, result)
+          };
+          pending.timeoutHandle = createUnrefTimeout(() => {
+            if (!pending.resolved) {
+              pending.resolved = true;
+              pending.decision = "decline";
+              try {
+                client.respondToServer(id, { decision: "decline" });
+              } catch (err) {
+                console.error(
+                  `[codex-mcp] Failed to auto-decline file-change approval timeout: session=${sessionId} request=${requestId} error=${err instanceof Error ? err.message : String(err)}`
+                );
+              }
+              pushEvent(
+                session.eventBuffer,
+                "approval_result",
+                {
+                  requestId,
+                  kind: "fileChange",
+                  decision: "decline",
+                  timeout: true
+                },
+                true
+              );
+              session.pendingRequests.delete(requestId);
+              if (session.pendingRequests.size === 0 && session.status === "waiting_approval") {
+                session.status = "running";
+              }
+            }
+          }, approvalTimeoutMs);
+          session.pendingRequests.set(requestId, pending);
+          session.status = "waiting_approval";
+          pushEvent(
+            session.eventBuffer,
+            "approval_request",
+            {
+              requestId,
+              kind: "fileChange",
+              itemId: p.itemId,
+              reason
+            },
+            true
+          );
+          break;
+        }
+        case Methods.USER_INPUT_REQUEST: {
+          const requestId = `req_${randomUUID().slice(0, 8)}`;
+          const pending = {
+            requestId,
+            kind: "user_input",
+            params,
+            itemId: p.itemId,
+            threadId: p.threadId,
+            turnId: p.turnId,
+            createdAt: (/* @__PURE__ */ new Date()).toISOString(),
+            resolved: false,
+            respond: (result) => client.respondToServer(id, result)
+          };
+          pending.timeoutHandle = createUnrefTimeout(() => {
+            if (!pending.resolved) {
+              pending.resolved = true;
+              try {
+                client.respondToServer(id, { answers: {} });
+              } catch (err) {
+                console.error(
+                  `[codex-mcp] Failed to auto-answer user-input timeout: session=${sessionId} request=${requestId} error=${err instanceof Error ? err.message : String(err)}`
+                );
+              }
+              pushEvent(
+                session.eventBuffer,
+                "approval_result",
+                {
+                  requestId,
+                  kind: "user_input",
+                  timeout: true
+                },
+                true
+              );
+              session.pendingRequests.delete(requestId);
+              if (session.pendingRequests.size === 0 && session.status === "waiting_approval") {
+                session.status = "running";
+              }
+            }
+          }, approvalTimeoutMs);
+          session.pendingRequests.set(requestId, pending);
+          session.status = "waiting_approval";
+          pushEvent(
+            session.eventBuffer,
+            "approval_request",
+            {
+              requestId,
+              kind: "user_input",
+              questions: p.questions
+            },
+            true
+          );
+          break;
+        }
+        case Methods.DYNAMIC_TOOL_CALL:
+          client.respondToServer(id, {
+            success: false,
+            contentItems: [{ type: "inputText", text: "Not supported by codex-mcp" }]
+          });
+          break;
+        case Methods.AUTH_TOKEN_REFRESH:
+          client.respondErrorToServer(id, -32601, "Auth token refresh not supported by codex-mcp");
+          break;
+        case Methods.LEGACY_PATCH_APPROVAL:
+        case Methods.LEGACY_EXEC_APPROVAL:
+          client.respondToServer(id, { decision: "denied" });
+          console.error(`[codex-mcp] Legacy approval request received: ${method}`);
+          break;
+        default:
+          client.respondErrorToServer(id, -32601, `Unhandled server request: ${method}`);
+          break;
+      }
+    });
+    client.on("exit", (code) => {
+      clearSessionPendingRequests(session);
+      if (session.status === "running" || session.status === "waiting_approval") {
+        session.status = "error";
+        const message = `app-server exited unexpectedly (code: ${code})`;
+        setTerminalErrorResult(session, message);
+        pushEvent(
+          session.eventBuffer,
+          "error",
+          {
+            message
+          },
+          true
+        );
+      }
+    });
+    client.on("error", (err) => {
+      clearSessionPendingRequests(session);
+      if (session.status === "running" || session.status === "waiting_approval") {
+        session.status = "error";
+        const message = redactPaths(`app-server error: ${err.message}`);
+        setTerminalErrorResult(session, message);
+        pushEvent(
+          session.eventBuffer,
+          "error",
+          {
+            message
+          },
+          true
+        );
+      }
+    });
+  }
+  cleanupSessions() {
+    const now = Date.now();
+    for (const [id, session] of this.sessions) {
+      const lastActive = new Date(session.lastActiveAt).getTime();
+      if (Number.isNaN(lastActive)) {
+        this.requestCancellation(id, "Invalid timestamp");
+        continue;
+      }
+      const age = now - lastActive;
+      if (session.status === "idle" && age > DEFAULT_IDLE_CLEANUP_MS) {
+        this.requestCancellation(id, "Idle timeout");
+      } else if (session.status === "waiting_approval" && age > DEFAULT_RUNNING_CLEANUP_MS) {
+        this.requestCancellation(id, "Approval timeout");
+      } else if (session.status === "running" && age > DEFAULT_RUNNING_CLEANUP_MS) {
+        this.requestCancellation(id, "Running timeout");
+      } else if ((session.status === "cancelled" || session.status === "error") && age > DEFAULT_TERMINAL_CLEANUP_MS) {
+        this.clients.get(id)?.destroy().catch((err) => {
+          console.error(
+            `[codex-mcp] Failed to destroy app-server client during cleanup: session=${id} error=${err instanceof Error ? err.message : String(err)}`
+          );
+        });
+        this.clients.delete(id);
+        this.sessions.delete(id);
+      }
+    }
+  }
+  requestCancellation(sessionId, reason) {
+    if (this.cancellationInFlight.has(sessionId)) return;
+    this.cancelSession(sessionId, reason).catch((err) => {
+      console.error(
+        `[codex-mcp] Failed to cancel session during cleanup: session=${sessionId} reason=${reason} error=${err instanceof Error ? err.message : String(err)}`
+      );
+    });
+  }
+};
+function pollIntervalForStatus(status) {
+  if (status === "waiting_approval") return WAITING_APPROVAL_POLL_INTERVAL;
+  if (status === "running") return DEFAULT_POLL_INTERVAL;
+  return void 0;
+}
+function createEventBuffer() {
+  return {
+    events: [],
+    maxSize: DEFAULT_EVENT_BUFFER_SIZE,
+    hardMaxSize: DEFAULT_EVENT_BUFFER_HARD_SIZE,
+    nextId: 0
+  };
+}
+function clearTerminalEvents(buf) {
+  buf.events = buf.events.filter((e) => e.type !== "result" && e.type !== "error");
+}
+function clearSessionPendingRequests(session) {
+  const entries = Array.from(session.pendingRequests.entries());
+  session.pendingRequests.clear();
+  for (const [, req] of entries) {
+    if (req.timeoutHandle) clearTimeout(req.timeoutHandle);
+    req.resolved = true;
+  }
+}
+function setTerminalErrorResult(session, message) {
+  const completedAt = (/* @__PURE__ */ new Date()).toISOString();
+  const failedTurnId = session.activeTurnId ?? "";
+  session.activeTurnId = void 0;
+  session.lastResult = {
+    turnId: failedTurnId,
+    status: "error",
+    error: message,
+    completedAt
+  };
+  pushEvent(
+    session.eventBuffer,
+    "result",
+    {
+      status: "error",
+      turnId: failedTurnId,
+      error: message,
+      completedAt
+    },
+    true
+  );
+}
+function createUnrefTimeout(handler, timeoutMs) {
+  const timer = setTimeout(handler, timeoutMs);
+  if (typeof timer.unref === "function") {
+    timer.unref();
+  }
+  return timer;
+}
+function respondToTerminalSessionRequest(client, id, method) {
+  switch (method) {
+    case Methods.COMMAND_APPROVAL:
+    case Methods.FILE_CHANGE_APPROVAL:
+      client.respondToServer(id, { decision: "cancel" });
+      break;
+    case Methods.USER_INPUT_REQUEST:
+      client.respondToServer(id, { answers: {} });
+      break;
+    case Methods.DYNAMIC_TOOL_CALL:
+      client.respondToServer(id, {
+        success: false,
+        contentItems: [{ type: "inputText", text: "Session is terminal" }]
+      });
+      break;
+    case Methods.AUTH_TOKEN_REFRESH:
+      client.respondErrorToServer(id, -32601, "Session is terminal");
+      break;
+    case Methods.LEGACY_PATCH_APPROVAL:
+    case Methods.LEGACY_EXEC_APPROVAL:
+      client.respondToServer(id, { decision: "denied" });
+      break;
+    default:
+      client.respondErrorToServer(id, -32601, `Unhandled server request: ${method}`);
+      break;
+  }
+}
+function normalizeOptionalString(value) {
+  return typeof value === "string" ? value : void 0;
+}
+function sendPendingRequestResponseOrThrow(req, response, sessionId, requestId) {
+  if (!req.respond) {
+    throw new Error(
+      `Error [${"INTERNAL" /* INTERNAL */}]: Missing response handler for request '${requestId}'`
+    );
+  }
+  try {
+    req.respond(response);
+  } catch (err) {
+    throw new Error(
+      `Error [${"INTERNAL" /* INTERNAL */}]: Failed to send response: session=${sessionId} request=${requestId} kind=${req.kind} error=${err instanceof Error ? err.message : String(err)}`
+    );
+  }
+}
+function compactActionsForBudget(actions) {
+  return actions.map((action) => ({
+    type: action.type,
+    requestId: action.requestId,
+    kind: action.kind,
+    params: compactActionParamsForBudget(action),
+    itemId: action.itemId,
+    createdAt: action.createdAt
+  }));
+}
+function compactActionParamsForBudget(action) {
+  if (action.kind !== "user_input" || !isRecord(action.params)) {
+    return void 0;
+  }
+  const rawQuestions = action.params.questions;
+  if (!Array.isArray(rawQuestions)) {
+    return void 0;
+  }
+  const compactQuestions = [];
+  for (const entry of rawQuestions) {
+    if (isRecord(entry) && typeof entry.questionId === "string") {
+      compactQuestions.push({ questionId: entry.questionId });
+    }
+  }
+  return compactQuestions.length > 0 ? { questions: compactQuestions } : void 0;
+}
+function clampCursorToLatest(cursor, latestCursor) {
+  return Math.max(0, Math.min(cursor, latestCursor));
+}
+function persistMonotonicCursor(previousCursor, nextCursor, latestCursor) {
+  const boundedCursor = clampCursorToLatest(nextCursor, latestCursor);
+  return Math.max(previousCursor, boundedCursor);
+}
+function pushEvent(buf, type, data, pinned = false) {
+  if (tryCoalesceProgressDelta(buf, type, data, pinned)) return;
+  buf.events.push({
+    id: buf.nextId++,
+    type,
+    data,
+    timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+    pinned
+  });
+  evictEvents(buf);
+}
+function serializeEventForMode(event, mode) {
+  if (mode === "full") {
+    return { id: event.id, type: event.type, data: event.data, timestamp: event.timestamp };
+  }
+  const minimal = mode === "minimal";
+  return {
+    id: event.id,
+    type: event.type,
+    data: compactEventData(event.data, minimal),
+    timestamp: event.timestamp
+  };
+}
+function compactEventData(data, minimal) {
+  if (!isRecord(data)) return data;
+  const compact = {};
+  if (typeof data.method === "string") {
+    compact.method = data.method;
+  }
+  const preferredKeys = minimal ? [
+    "delta",
+    "message",
+    "error",
+    "status",
+    "phase",
+    "itemId",
+    "turnId",
+    "requestId",
+    "kind",
+    "decision",
+    "timeout",
+    "willRetry",
+    "retryCount",
+    "maxRetries"
+  ] : [
+    "delta",
+    "message",
+    "error",
+    "status",
+    "phase",
+    "itemId",
+    "turnId",
+    "requestId",
+    "kind",
+    "decision",
+    "timeout",
+    "willRetry",
+    "retryCount",
+    "maxRetries",
+    "reason",
+    "command",
+    "cwd",
+    "sourceMethod"
+  ];
+  for (const key of preferredKeys) {
+    if (key in data) {
+      compact[key] = data[key];
+    }
+  }
+  if (typeof compact.delta === "string") {
+    const limit = minimal ? 256 : 2048;
+    if (compact.delta.length > limit) {
+      compact.delta = compact.delta.slice(0, limit);
+      compact.deltaTruncated = true;
+    }
+  }
+  if (Object.keys(compact).length === 0) {
+    return minimal ? { summary: "omitted for minimal response mode" } : { ...data };
+  }
+  return compact;
+}
+function payloadByteSize(value) {
+  return Buffer.byteLength(JSON.stringify(value), "utf8");
+}
+function addCompatWarning(result, warning) {
+  if (!result.compatWarnings) {
+    result.compatWarnings = [];
+  }
+  result.compatWarnings.push(warning);
+}
+function addCompatWarningWithinBudget(result, warning, maxBytes) {
+  const previousWarnings = result.compatWarnings ? [...result.compatWarnings] : void 0;
+  addCompatWarning(result, warning);
+  if (typeof maxBytes !== "number") {
+    return;
+  }
+  const normalizedMaxBytes = Math.max(1, Math.floor(maxBytes));
+  if (payloadByteSize(result) <= normalizedMaxBytes) {
+    return;
+  }
+  if (!previousWarnings || previousWarnings.length === 0) {
+    result.compatWarnings = void 0;
+    return;
+  }
+  result.compatWarnings = previousWarnings;
+}
+function tryCoalesceProgressDelta(buf, type, data, pinned) {
+  if (type !== "progress" || pinned || buf.events.length === 0) return false;
+  if (!isRecord(data)) return false;
+  const method = data.method;
+  const delta = data.delta;
+  const itemId = data.itemId;
+  const turnId = data.turnId;
+  const itemKey = typeof itemId === "string" ? itemId : "";
+  const turnKey = typeof turnId === "string" ? turnId : "";
+  if (typeof method !== "string" || !COALESCED_PROGRESS_DELTA_METHODS.has(method) || typeof delta !== "string") {
+    return false;
+  }
+  if (itemKey.length === 0 && turnKey.length === 0) return false;
+  const last = buf.events[buf.events.length - 1];
+  if (last.type !== "progress" || last.pinned || !isRecord(last.data)) return false;
+  const lastMethod = last.data.method;
+  const lastItemId = last.data.itemId;
+  const lastTurnId = last.data.turnId;
+  const lastDelta = last.data.delta;
+  const lastItemKey = typeof lastItemId === "string" ? lastItemId : "";
+  const lastTurnKey = typeof lastTurnId === "string" ? lastTurnId : "";
+  if (lastMethod !== method || lastItemKey !== itemKey || lastTurnKey !== turnKey || typeof lastDelta !== "string") {
+    return false;
+  }
+  if (lastDelta.length + delta.length > MAX_COALESCED_DELTA_CHARS) return false;
+  last.data = {
+    ...last.data,
+    delta: `${lastDelta}${delta}`
+  };
+  last.timestamp = (/* @__PURE__ */ new Date()).toISOString();
+  return true;
+}
+function evictEvents(buf) {
+  while (buf.events.length > buf.maxSize) {
+    const idx = buf.events.findIndex((e) => !e.pinned);
+    if (idx === -1) break;
+    buf.events.splice(idx, 1);
+  }
+  while (buf.events.length > buf.maxSize) {
+    const idx = buf.events.findIndex((e) => e.type === "approval_result");
+    if (idx === -1) break;
+    buf.events.splice(idx, 1);
+  }
+  if (buf.events.length <= buf.hardMaxSize) return;
+  const overflow = buf.events.length - buf.hardMaxSize;
+  const approvalResultIdx = [];
+  const nonPinnedIdx = [];
+  const pinnedNonCriticalIdx = [];
+  const criticalPinnedIdx = [];
+  for (let i = 0; i < buf.events.length; i++) {
+    const event = buf.events[i];
+    if (event.type === "approval_result") {
+      approvalResultIdx.push(i);
+    } else if (!event.pinned) {
+      nonPinnedIdx.push(i);
+    } else if (!isHardPinnedCriticalType(event.type)) {
+      pinnedNonCriticalIdx.push(i);
+    } else {
+      criticalPinnedIdx.push(i);
+    }
+  }
+  const drop = /* @__PURE__ */ new Set();
+  const take = (indices) => {
+    for (const idx of indices) {
+      if (drop.size >= overflow) break;
+      drop.add(idx);
+    }
+  };
+  take(approvalResultIdx);
+  take(nonPinnedIdx);
+  take(pinnedNonCriticalIdx);
+  const beforeCritical = drop.size;
+  take(criticalPinnedIdx);
+  if (drop.size > beforeCritical) {
+    console.error(
+      "[codex-mcp] Event buffer hard limit exceeded with only critical pinned events; evicting oldest event."
+    );
+  }
+  if (drop.size === 0) return;
+  buf.events = buf.events.filter((_, idx) => !drop.has(idx));
+}
+function isHardPinnedCriticalType(type) {
+  return type === "approval_request" || type === "result" || type === "error";
+}
+function toPublicInfo(session) {
+  return {
+    sessionId: session.sessionId,
+    status: session.status,
+    createdAt: session.createdAt,
+    lastActiveAt: session.lastActiveAt,
+    cancelledAt: session.cancelledAt,
+    cancelledReason: session.cancelledReason,
+    model: session.model,
+    approvalPolicy: session.approvalPolicy,
+    sandbox: session.sandbox,
+    pendingRequestCount: Array.from(session.pendingRequests.values()).filter((r) => !r.resolved).length
+  };
+}
+function toSensitiveInfo(session) {
+  return {
+    ...toPublicInfo(session),
+    threadId: session.threadId,
+    cwd: session.cwd,
+    profile: session.profile,
+    config: session.config
+  };
+}
+function buildCommandApprovalResponse(decision, execpolicyAmendment) {
+  if (decision === "acceptWithExecpolicyAmendment") {
+    if (!execpolicyAmendment || execpolicyAmendment.length === 0) {
+      throw new Error(
+        `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: execpolicyAmendment required for acceptWithExecpolicyAmendment`
+      );
+    }
+    return {
+      decision: {
+        acceptWithExecpolicyAmendment: {
+          execpolicy_amendment: execpolicyAmendment
+        }
+      }
+    };
+  }
+  return { decision };
+}
+function isRecord(value) {
+  return typeof value === "object" && value !== null;
+}
+function extractThreadId(result) {
+  if (!isRecord(result)) {
+    throw new Error(`Error [${"INTERNAL" /* INTERNAL */}]: Invalid thread response: expected object`);
+  }
+  const direct = result.threadId;
+  if (typeof direct === "string" && direct.length > 0) return direct;
+  const thread = result.thread;
+  if (isRecord(thread) && typeof thread.id === "string" && thread.id.length > 0) return thread.id;
+  throw new Error(`Error [${"INTERNAL" /* INTERNAL */}]: Invalid thread response: missing thread id`);
+}
+function extractTurnId(result) {
+  if (!isRecord(result)) return void 0;
+  const direct = result.turnId;
+  if (typeof direct === "string" && direct.length > 0) return direct;
+  const turn = result.turn;
+  if (isRecord(turn) && typeof turn.id === "string" && turn.id.length > 0) return turn.id;
+  return void 0;
+}
+
+// src/utils/config.ts
+function extractSpawnOptions(params) {
+  return {
+    profile: params.profile,
+    model: params.model,
+    approvalPolicy: params.approvalPolicy,
+    sandbox: params.sandbox,
+    config: params.advanced?.config
+  };
+}
+
+// src/tools/codex.ts
+async function executeCodex(args, sessionManager, serverCwd) {
+  const cwd = resolveAndValidateCwd(args.cwd, serverCwd);
+  const spawnOpts = extractSpawnOptions(args);
+  const effort = args.effort ?? DEFAULT_EFFORT_LEVEL;
+  return sessionManager.createSession(args.prompt, cwd, spawnOpts, effort, args.advanced);
+}
+
+// src/tools/codex-reply.ts
+async function executeCodexReply(args, sessionManager) {
+  return sessionManager.replyToSession(args.sessionId, args.prompt, {
+    model: args.model,
+    approvalPolicy: args.approvalPolicy,
+    effort: args.effort,
+    summary: args.summary,
+    personality: args.personality,
+    sandbox: args.sandbox,
+    cwd: args.cwd,
+    outputSchema: args.outputSchema
+  });
+}
+
+// src/tools/codex-session.ts
+async function executeCodexSession(args, sessionManager) {
+  switch (args.action) {
+    case "list":
+      return { sessions: sessionManager.listSessions() };
+    case "get":
+      if (!args.sessionId) {
+        return {
+          error: `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: sessionId required for 'get'`,
+          isError: true
+        };
+      }
+      return sessionManager.getSession(args.sessionId, args.includeSensitive);
+    case "cancel":
+      if (!args.sessionId) {
+        return {
+          error: `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: sessionId required for 'cancel'`,
+          isError: true
+        };
+      }
+      await sessionManager.cancelSession(args.sessionId);
+      return { success: true, message: `Session ${args.sessionId} cancelled` };
+    case "interrupt":
+      if (!args.sessionId) {
+        return {
+          error: `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: sessionId required for 'interrupt'`,
+          isError: true
+        };
+      }
+      await sessionManager.interruptSession(args.sessionId);
+      return { success: true, message: `Session ${args.sessionId} interrupted` };
+    case "fork":
+      if (!args.sessionId) {
+        return {
+          error: `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: sessionId required for 'fork'`,
+          isError: true
+        };
+      }
+      return await sessionManager.forkSession(args.sessionId);
+    default:
+      return {
+        error: `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: Unknown action '${args.action}'`,
+        isError: true
+      };
+  }
+}
+
+// src/tools/codex-check.ts
+function executeCodexCheck(args, sessionManager) {
+  const responseMode = args.responseMode ?? "minimal";
+  const pollOptions = args.pollOptions;
+  switch (args.action) {
+    case "poll": {
+      const maxEvents = typeof args.maxEvents === "number" ? Math.max(POLL_MIN_MAX_EVENTS, args.maxEvents) : POLL_DEFAULT_MAX_EVENTS;
+      return sessionManager.pollEvents(args.sessionId, args.cursor, maxEvents, {
+        responseMode,
+        pollOptions
+      });
+    }
+    case "respond_permission":
+    case "respond_approval": {
+      if (!args.requestId || !args.decision) {
+        return {
+          error: `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: requestId and decision required for respond_permission/respond_approval`,
+          isError: true
+        };
+      }
+      try {
+        sessionManager.resolveApproval(args.sessionId, args.requestId, args.decision, {
+          execpolicyAmendment: args.execpolicyAmendment,
+          denyMessage: args.denyMessage
+        });
+      } catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        return { error: message, isError: true };
+      }
+      const maxEvents = args.maxEvents ?? RESPOND_DEFAULT_MAX_EVENTS;
+      const result = sessionManager.pollEventsMonotonic(args.sessionId, args.cursor, maxEvents, {
+        responseMode,
+        pollOptions
+      });
+      if (args.action === "respond_approval") {
+        return addWarning(
+          result,
+          "Action 'respond_approval' is deprecated, use 'respond_permission'.",
+          pollOptions?.maxBytes
+        );
+      }
+      return result;
+    }
+    case "respond_user_input": {
+      if (!args.requestId || !args.answers) {
+        return {
+          error: `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: requestId and answers required for respond_user_input`,
+          isError: true
+        };
+      }
+      try {
+        sessionManager.resolveUserInput(args.sessionId, args.requestId, args.answers);
+      } catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        return { error: message, isError: true };
+      }
+      const maxEvents = args.maxEvents ?? RESPOND_DEFAULT_MAX_EVENTS;
+      return sessionManager.pollEventsMonotonic(args.sessionId, args.cursor, maxEvents, {
+        responseMode,
+        pollOptions
+      });
+    }
+    default:
+      return {
+        error: `Error [${"INVALID_ARGUMENT" /* INVALID_ARGUMENT */}]: Unknown action '${args.action}'`,
+        isError: true
+      };
+  }
+}
+function addWarning(result, warning, maxBytes) {
+  if (!result.compatWarnings) result.compatWarnings = [];
+  result.compatWarnings.push(warning);
+  if (typeof maxBytes !== "number") {
+    return result;
+  }
+  const normalizedMaxBytes = Math.max(1, Math.floor(maxBytes));
+  if (Buffer.byteLength(JSON.stringify(result), "utf8") <= normalizedMaxBytes) {
+    return result;
+  }
+  if (result.compatWarnings.length > 1) {
+    result.compatWarnings.pop();
+  } else {
+    result.compatWarnings = void 0;
+  }
+  return result;
+}
+
+// src/resources/register-resources.ts
+import { spawnSync } from "child_process";
+
+// src/utils/stdio-guard.ts
+var STDIO_MODES = ["auto", "strict", "off"];
+function resolveStdioMode(env = process.env) {
+  const raw = env.CODEX_MCP_STDIO_MODE;
+  if (raw === void 0) {
+    return { mode: "auto", source: "default" };
+  }
+  const normalized = raw.trim().toLowerCase();
+  if (normalized === "") {
+    return { mode: "auto", source: "default" };
+  }
+  if (STDIO_MODES.includes(normalized)) {
+    return { mode: normalized, source: "env" };
+  }
+  return { mode: "auto", source: "env_invalid", invalidRaw: raw };
+}
+function runStdioPreflight(opts = {}) {
+  const platform = opts.platform ?? process.platform;
+  const env = opts.env ?? process.env;
+  const stdinIsTTY = opts.stdinIsTTY ?? Boolean(process.stdin.isTTY);
+  const stdoutIsTTY = opts.stdoutIsTTY ?? Boolean(process.stdout.isTTY);
+  const modeResolution = resolveStdioMode(env);
+  const notes = [];
+  const riskReasons = [];
+  if (modeResolution.source === "env_invalid" && modeResolution.invalidRaw) {
+    notes.push(
+      `Invalid CODEX_MCP_STDIO_MODE='${modeResolution.invalidRaw}'. Falling back to 'auto'.`
+    );
+  }
+  if (modeResolution.mode === "off") {
+    return {
+      mode: modeResolution.mode,
+      modeSource: modeResolution.source,
+      invalidMode: modeResolution.invalidRaw,
+      riskLevel: "low",
+      riskReasons: [],
+      blockingReasons: [],
+      notes,
+      suggestions: [],
+      shouldBlock: false
+    };
+  }
+  const blockingReasons = [];
+  if (platform === "win32" && looksLikePowerShell(env)) {
+    riskReasons.push(
+      "PowerShell environment detected on Windows; shell profiles can print banner text to stdout."
+    );
+  }
+  if (stdinIsTTY || stdoutIsTTY) {
+    const ttyRisk = "STDIO appears attached to a terminal (TTY). MCP clients should launch codex-mcp with piped stdio.";
+    notes.push(ttyRisk);
+    riskReasons.push(ttyRisk);
+    blockingReasons.push(ttyRisk);
+  }
+  const riskLevel = riskReasons.length > 0 ? "elevated" : "low";
+  const shouldBlock = modeResolution.mode === "strict" && blockingReasons.length > 0;
+  return {
+    mode: modeResolution.mode,
+    modeSource: modeResolution.source,
+    invalidMode: modeResolution.invalidRaw,
+    riskLevel,
+    riskReasons,
+    blockingReasons,
+    notes,
+    suggestions: riskReasons.length > 0 ? buildFixSuggestions(platform) : [],
+    shouldBlock
+  };
+}
+function looksLikePowerShell(env) {
+  return Boolean(
+    env.POWERSHELL_DISTRIBUTION_CHANNEL || env.PSModulePath || env.PSExecutionPolicyPreference || env.PSModuleAnalysisCachePath
+  );
+}
+function buildFixSuggestions(platform) {
+  const generic = [
+    "Prefer direct MCP config launch: command='npx', args=['-y', '@leo000001/codex-mcp']",
+    "Keep server stdout strictly JSON-RPC; route diagnostics to stderr only.",
+    "codex-mcp cannot sanitize shell/profile stdout once emitted before MCP handshake."
+  ];
+  if (platform === "win32") {
+    return [
+      'If shell wrapping is required, use: pwsh -NoProfile -Command "npx -y @leo000001/codex-mcp"',
+      "Disable noisy PowerShell profile output (oh-my-posh banners, startup prompts, etc.).",
+      ...generic
+    ];
+  }
+  return generic;
+}
+
+// src/resources/register-resources.ts
+var RESOURCE_SCHEME = "codex-mcp";
+var RESOURCE_URIS = {
+  serverInfo: `${RESOURCE_SCHEME}:///server-info`,
+  compatReport: `${RESOURCE_SCHEME}:///compat-report`,
+  config: `${RESOURCE_SCHEME}:///config`,
+  gotchas: `${RESOURCE_SCHEME}:///gotchas`,
+  quickstart: `${RESOURCE_SCHEME}:///quickstart`,
+  errors: `${RESOURCE_SCHEME}:///errors`
+};
+var RESOURCE_CATALOG = [
+  {
+    key: "serverInfo",
+    name: "server_info",
+    title: "Server Info",
+    description: "Server metadata and runtime capabilities",
+    mimeType: "application/json"
+  },
+  {
+    key: "compatReport",
+    name: "compat_report",
+    title: "Compat Report",
+    description: "Cross-backend compatibility capability report",
+    mimeType: "application/json"
+  },
+  {
+    key: "config",
+    name: "config",
+    title: "Config Guide",
+    description: "Parameter guide and config.toml mapping",
+    mimeType: "text/markdown"
+  },
+  {
+    key: "gotchas",
+    name: "gotchas",
+    title: "Gotchas",
+    description: "Practical limits and common issues",
+    mimeType: "text/markdown"
+  },
+  {
+    key: "quickstart",
+    name: "quickstart",
+    title: "Quickstart",
+    description: "Minimal end-to-end workflow",
+    mimeType: "text/markdown"
+  },
+  {
+    key: "errors",
+    name: "errors",
+    title: "Errors",
+    description: "Error code reference and recovery hints",
+    mimeType: "text/markdown"
+  }
+];
+var ERROR_CODE_HINTS = {
+  ["INVALID_ARGUMENT" /* INVALID_ARGUMENT */]: "Input shape/value mismatch. Fix payload and retry.",
+  ["SESSION_NOT_FOUND" /* SESSION_NOT_FOUND */]: "Unknown sessionId or already cleaned up.",
+  ["SESSION_BUSY" /* SESSION_BUSY */]: "Session is running or waiting approval. Poll until idle/error.",
+  ["SESSION_NOT_RUNNING" /* SESSION_NOT_RUNNING */]: "Action requires running/waiting_approval session.",
+  ["REQUEST_NOT_FOUND" /* REQUEST_NOT_FOUND */]: "requestId was resolved, stale, or never existed.",
+  ["TIMEOUT" /* TIMEOUT */]: "Operation timed out. Retry or use a longer timeout where supported.",
+  ["CANCELLED" /* CANCELLED */]: "Session was cancelled and cannot be resumed.",
+  ["APP_SERVER_START_FAILED" /* APP_SERVER_START_FAILED */]: "codex app-server failed to boot. Check CLI install/path.",
+  ["THREAD_FORK_RESUME_FAILED" /* THREAD_FORK_RESUME_FAILED */]: "Forked thread could not resume in new process. Retry fork from current source session.",
+  ["PROTOCOL_PARSE_ERROR" /* PROTOCOL_PARSE_ERROR */]: "Non-JSON or malformed app-server line. Check shell/profile noise and transport health.",
+  ["WRITE_QUEUE_DROPPED" /* WRITE_QUEUE_DROPPED */]: "stdin backpressure overflow. Reduce burst size and re-run in smaller turns.",
+  ["INTERNAL" /* INTERNAL */]: "Unexpected server-side failure. Inspect logs and retry safely."
+};
+function asTextResource(uri, text, mimeType) {
+  return {
+    contents: [
+      {
+        uri: uri.toString(),
+        text,
+        mimeType
+      }
+    ]
+  };
+}
+function detectCodexCliVersion(timeoutMs = 1500) {
+  try {
+    const run = spawnSync("codex", ["--version"], {
+      encoding: "utf8",
+      timeout: timeoutMs,
+      windowsHide: true
+    });
+    const combined = `${run.stdout ?? ""}
+${run.stderr ?? ""}`.trim();
+    if (!combined) return null;
+    const versionToken = combined.match(/v?\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?/);
+    if (!versionToken) return combined.split(/\s+/)[0] ?? null;
+    return versionToken[0].replace(/^v/, "");
+  } catch {
+    return null;
+  }
+}
+function msToMinutes(ms) {
+  return Math.floor(ms / 6e4);
+}
+function buildConfigGuideText() {
+  return [
+    "## Top-level parameters (`codex`)",
+    "",
+    "- Required: `prompt`, `approvalPolicy`, `sandbox`.",
+    "- Optional: `effort` (default `low`), `cwd` (default server cwd), `model` (default config.toml), `profile` (default CLI profile), `advanced`.",
+    "- Prefer passing `cwd` explicitly to avoid accidental server-cwd execution.",
+    "",
+    "## `advanced.*` guide",
+    "",
+    "- `advanced.baseInstructions`: replace default system instructions for this session (default: unchanged).",
+    "- `advanced.developerInstructions`: append extra developer instructions (default: none).",
+    "- `advanced.personality`: optional personality preset (default: config.toml).",
+    "- `advanced.summary`: summary verbosity preset for turn output (default: config.toml).",
+    "- `advanced.ephemeral`: do not persist thread state remotely (default `false`).",
+    "- `advanced.images`: local image file paths on the same host as codex-mcp (default: none).",
+    `- \`advanced.approvalTimeoutMs\`: auto-decline timeout for approval/user-input requests (default \`${DEFAULT_APPROVAL_TIMEOUT_MS}\` ms).`,
+    "- `advanced.outputSchema`: JSON Schema for structured output from `codex` turns (default: none).",
+    "",
+    "## `advanced.config` mapping",
+    "",
+    "Forwarded as `-c key=value` flags to `codex app-server`.",
+    "Primitives use `String(value)`; objects/arrays use `JSON.stringify(value)`.",
+    "",
+    "Prefer dedicated top-level params when available:",
+    "",
+    "- `codex.model` -> `-c model=...`",
+    "- `codex.approvalPolicy` -> `-c approval_policy=...`",
+    "- `codex.sandbox` -> `-c sandbox_mode=...`",
+    "- `codex.effort` -> turn-level reasoning effort (do not encode in `advanced.config`)",
+    "- `codex.profile` -> `-p ...`",
+    "",
+    "## `codex_reply` differences",
+    "",
+    "- `codex_reply.outputSchema` is top-level.",
+    "- `codex.outputSchema` lives under `advanced.outputSchema`.",
+    "- `codex_reply` can override `model`, `approvalPolicy`, `sandbox`, `effort`, `summary`, `personality`, and `cwd`.",
+    "- `codex_reply` only works when session state is `idle` or `error`; otherwise returns `SESSION_BUSY`.",
+    "- All `codex_reply` override fields default to no override when omitted.",
+    "",
+    "## Override persistence (`codex_reply`)",
+    "",
+    "- `model`, `approvalPolicy`, `sandbox`, and `cwd` update in-memory session defaults for later turns.",
+    "- `effort`, `summary`, `personality`, and `outputSchema` apply to the submitted turn payload.",
+    "",
+    "## Version compatibility note",
+    "",
+    "Available `advanced.config` keys depend on installed Codex CLI version.",
+    "To inspect your local CLI version, read `codex-mcp:///server-info` (`codexCliVersion`).",
+    "",
+    "## Other tool defaults (quick reference)",
+    "",
+    "- `codex_session.includeSensitive`: default `false`.",
+    `- \`codex_check.poll.maxEvents\`: default \`${POLL_DEFAULT_MAX_EVENTS}\` (minimum \`${POLL_MIN_MAX_EVENTS}\`).`,
+    `- \`codex_check.respond_*.maxEvents\`: default \`${RESPOND_DEFAULT_MAX_EVENTS}\`.`,
+    "- `codex_check.responseMode`: default `minimal` (`minimal` / `delta_compact` / `full`).",
+    "- `codex_check.pollOptions.includeEvents`: default `true`.",
+    "- `codex_check.pollOptions.includeActions`: default `true`.",
+    "- `codex_check.pollOptions.includeResult`: default `true`.",
+    "- `codex_check.pollOptions.maxBytes`: default unlimited.",
+    "- `codex_check.cursor`: default is session last consumed cursor when omitted.",
+    ""
+  ].join("\n");
+}
+function buildGotchasText() {
+  return [
+    "## Polling and cursors",
+    "",
+    '- Sessions are async. Poll `codex_check(action="poll")` until status is `idle`/`error`/`cancelled`.',
+    "- Store `nextCursor` and pass it back to avoid replay.",
+    `- Poll default is \`maxEvents=${POLL_DEFAULT_MAX_EVENTS}\` (authoritative: tool schema / constants).`,
+    `- Poll enforces minimum \`maxEvents=${POLL_MIN_MAX_EVENTS}\`; sending \`0\` is normalized to \`${POLL_MIN_MAX_EVENTS}\`.`,
+    `- \`respond_permission\` and \`respond_user_input\` default to compact ACK with \`maxEvents=${RESPOND_DEFAULT_MAX_EVENTS}\`.`,
+    "- `respond_approval` is a deprecated alias for `respond_permission`.",
+    "- Default response mode is `minimal`; use `full` if you need full raw event payloads.",
+    "- respond_* uses monotonic cursor handling: `max(cursor, sessionLastCursor)`.",
+    "- If `cursorResetTo` is present, your cursor is stale (old events were evicted); restart from that value.",
+    "",
+    "## Approval behavior",
+    "",
+    `- Pending approvals/user-input auto-decline after \`approvalTimeoutMs\` (default ${DEFAULT_APPROVAL_TIMEOUT_MS} ms).`,
+    "- `untrusted` behavior is enforced by Codex CLI backend and may auto-allow some low-risk commands.",
+    "- Do not assume every read-only command will always require approval across CLI versions.",
+    "",
+    "## Event model",
+    "",
+    "- Top-level `events[].type` is one of: `output`, `progress`, `approval_request`, `approval_result`, `result`, `error`.",
+    "- Fine-grained stream semantics are in `events[].data.method` (for example command output delta, reasoning delta, turn updates).",
+    '- Retryable interruptions surface as `progress` with `method="codex-mcp/reconnect"` and include retry fields.',
+    "- During reconnect/retry, continue polling normally; if retries stop (`willRetry=false`), session transitions to error path.",
+    "",
+    "## Windows shell/profile issues",
+    "",
+    "- On Windows wrappers, prefer `pwsh -NoProfile` to avoid profile/banner stdout noise.",
+    "- Profile noise can affect both MCP handshake and agent-internal command turns.",
+    "- For mojibake, enforce UTF-8 shell output (`chcp 65001`, `$OutputEncoding = [Console]::OutputEncoding = [System.Text.UTF8Encoding]::new()`).",
+    "- Prefer host-native absolute paths for `cwd` and file args (Windows example: `D:\\\\Lab\\\\codex-mcp`).",
+    "",
+    "## Lifecycle and cleanup",
+    "",
+    `- Idle sessions are auto-cleaned after ${msToMinutes(DEFAULT_IDLE_CLEANUP_MS)} minutes.`,
+    `- Running/waiting sessions are auto-cleaned after ${msToMinutes(DEFAULT_RUNNING_CLEANUP_MS)} minutes.`,
+    `- Error/cancelled sessions are retained for about ${msToMinutes(DEFAULT_TERMINAL_CLEANUP_MS)} minutes, then removed.`,
+    "- Session state is in-memory. Restarting codex-mcp drops all existing sessions.",
+    "",
+    "## Capacity",
+    "",
+    "- codex-mcp does not hard-code a strict concurrent-session cap.",
+    "- Practical limit depends on machine resources and child-process load.",
+    ""
+  ].join("\n");
+}
+function buildQuickstartText() {
+  return [
+    "## Minimal flow",
+    "",
+    "1. Start session (`codex`)",
+    "",
+    "```json",
+    "{",
+    '  "prompt": "List files and summarize repository purpose.",',
+    '  "approvalPolicy": "on-request",',
+    '  "sandbox": "workspace-write",',
+    '  "effort": "low",',
+    '  "cwd": "D:\\\\Lab\\\\codex-mcp"',
+    "}",
+    "```",
+    "",
+    "Typical start result:",
+    "",
+    "```json",
+    "{",
+    '  "sessionId": "sess_abc123",',
+    '  "threadId": "thread_xyz",',
+    '  "status": "running",',
+    '  "pollInterval": 120000',
+    "}",
+    "```",
+    "",
+    "2. Poll incrementally (`codex_check`)",
+    "",
+    "```json",
+    "{",
+    '  "action": "poll",',
+    '  "sessionId": "sess_abc123",',
+    '  "cursor": 0,',
+    '  "maxEvents": 10',
+    "}",
+    "```",
+    "",
+    "- Use `pollInterval` as a minimum delay: `running` >=120000ms (and usually longer for big tasks).",
+    "- `waiting_approval` is the exception: poll/answer around 1000ms to avoid timeout.",
+    "",
+    "3. If `actions[]` contains an approval request, respond:",
+    "",
+    "```json",
+    "{",
+    '  "action": "respond_permission",',
+    '  "sessionId": "sess_abc123",',
+    '  "requestId": "req_123",',
+    '  "decision": "acceptForSession"',
+    "}",
+    "```",
+    "",
+    "4. If `actions[]` contains a user-input request, respond:",
+    "",
+    "```json",
+    "{",
+    '  "action": "respond_user_input",',
+    '  "sessionId": "sess_abc123",',
+    '  "requestId": "req_456",',
+    '  "answers": {',
+    '    "question-id": {',
+    '      "answers": ["Option A"]',
+    "    }",
+    "  }",
+    "}",
+    "```",
+    "",
+    "5. Continue polling until terminal status (`idle`, `error`, or `cancelled`), respecting the >=2 minute interval while `running`.",
+    "",
+    "## Cursor notes",
+    "",
+    "- Omit `cursor` to continue from session last consumed cursor.",
+    `- Omit \`maxEvents\`: defaults are poll=${POLL_DEFAULT_MAX_EVENTS}, respond_*=${RESPOND_DEFAULT_MAX_EVENTS}.`,
+    "- Omit `responseMode`: default is `minimal`.",
+    "- Use returned `nextCursor` for the next call.",
+    "- If `cursorResetTo` appears, reset to that value and continue.",
+    ""
+  ].join("\n");
+}
+function buildErrorsText() {
+  const lines = [
+    "## Error format",
+    "",
+    "Tool failures use: `Error [CODE]: message`",
+    "",
+    "## Codes",
+    ""
+  ];
+  for (const code of Object.values(ErrorCode)) {
+    lines.push(`- \`${code}\`: ${ERROR_CODE_HINTS[code]}`);
+  }
+  lines.push("");
+  lines.push("## Recovery basics");
+  lines.push("");
+  lines.push("- `INVALID_ARGUMENT`: fix payload fields/enums and retry.");
+  lines.push("- `SESSION_BUSY`: poll until terminal/idle before issuing incompatible action.");
+  lines.push("- `REQUEST_NOT_FOUND`: re-poll and use latest `actions[].requestId`.");
+  lines.push("- `PROTOCOL_PARSE_ERROR`: remove shell/profile stdout noise and restart session.");
+  lines.push("");
+  return lines.join("\n");
+}
+function buildCompatReport(deps, codexCliVersion) {
+  const runtimeWarnings = [];
+  if (!codexCliVersion) {
+    runtimeWarnings.push("Unable to detect local codex CLI version from PATH.");
+  }
+  return JSON.stringify(
+    {
+      schemaVersion: "1.0.0",
+      features: {
+        respondPermission: true,
+        respondApprovalAlias: true,
+        respondUserInput: true,
+        sessionInterrupt: true,
+        responseModeMinimal: true,
+        responseModeDeltaCompact: true,
+        responseModeFull: true,
+        pollOptionsBase: true,
+        maxBytesTruncation: true,
+        compatWarnings: true,
+        diskResume: false,
+        dynamicTools: false,
+        toolPermissionControl: false
+      },
+      recommendedSettings: {
+        codexCheck: {
+          responseMode: "minimal",
+          pollOptions: {
+            includeEvents: true,
+            includeActions: true,
+            includeResult: true
+          }
+        }
+      },
+      toolCounts: {
+        core: 4
+      },
+      runtimeWarnings,
+      detectedMismatches: [],
+      runtime: {
+        codexMcpVersion: deps.version,
+        codexCliVersion,
+        activeSessions: deps.sessionManager.getActiveSessionCount()
+      }
+    },
+    null,
+    2
+  );
+}
+function registerResources(server, deps) {
+  let codexCliVersionCache;
+  const getCodexCliVersion = () => {
+    if (codexCliVersionCache !== void 0) return codexCliVersionCache;
+    codexCliVersionCache = detectCodexCliVersion();
+    return codexCliVersionCache;
+  };
+  const byKey = new Map(RESOURCE_CATALOG.map((entry) => [entry.key, entry]));
+  const serverInfoMeta = byKey.get("serverInfo");
+  const serverInfoUri = new URL(RESOURCE_URIS.serverInfo);
+  server.registerResource(
+    serverInfoMeta.name,
+    serverInfoUri.toString(),
+    {
+      title: serverInfoMeta.title,
+      description: serverInfoMeta.description,
+      mimeType: serverInfoMeta.mimeType
+    },
+    () => {
+      const observedModel = deps.sessionManager.getObservedDefaultModel();
+      return asTextResource(
+        serverInfoUri,
+        JSON.stringify(
+          {
+            name: "codex-mcp",
+            version: deps.version,
+            codexCliVersion: getCodexCliVersion(),
+            node: process.version,
+            platform: process.platform,
+            arch: process.arch,
+            stdioMode: resolveStdioMode().mode,
+            supportedApprovalPolicies: APPROVAL_POLICIES,
+            supportedSandboxModes: SANDBOX_MODES,
+            supportedEffortLevels: EFFORT_LEVELS,
+            activeSessions: deps.sessionManager.getActiveSessionCount(),
+            defaultModel: observedModel,
+            defaultModelSource: observedModel ? "session-default" : "unknown",
+            resources: RESOURCE_CATALOG.map((entry) => ({
+              uri: RESOURCE_URIS[entry.key],
+              title: entry.title,
+              mimeType: entry.mimeType,
+              description: entry.description
+            }))
+          },
+          null,
+          2
+        ),
+        "application/json"
+      );
+    }
+  );
+  const compatReportMeta = byKey.get("compatReport");
+  const compatReportUri = new URL(RESOURCE_URIS.compatReport);
+  server.registerResource(
+    compatReportMeta.name,
+    compatReportUri.toString(),
+    {
+      title: compatReportMeta.title,
+      description: compatReportMeta.description,
+      mimeType: compatReportMeta.mimeType
+    },
+    () => asTextResource(
+      compatReportUri,
+      buildCompatReport(deps, getCodexCliVersion()),
+      "application/json"
+    )
+  );
+  const configMeta = byKey.get("config");
+  const configUri = new URL(RESOURCE_URIS.config);
+  server.registerResource(
+    configMeta.name,
+    configUri.toString(),
+    {
+      title: configMeta.title,
+      description: configMeta.description,
+      mimeType: configMeta.mimeType
+    },
+    () => asTextResource(configUri, buildConfigGuideText(), "text/markdown")
+  );
+  const gotchasMeta = byKey.get("gotchas");
+  const gotchasUri = new URL(RESOURCE_URIS.gotchas);
+  server.registerResource(
+    gotchasMeta.name,
+    gotchasUri.toString(),
+    {
+      title: gotchasMeta.title,
+      description: gotchasMeta.description,
+      mimeType: gotchasMeta.mimeType
+    },
+    () => asTextResource(gotchasUri, buildGotchasText(), "text/markdown")
+  );
+  const quickstartMeta = byKey.get("quickstart");
+  const quickstartUri = new URL(RESOURCE_URIS.quickstart);
+  server.registerResource(
+    quickstartMeta.name,
+    quickstartUri.toString(),
+    {
+      title: quickstartMeta.title,
+      description: quickstartMeta.description,
+      mimeType: quickstartMeta.mimeType
+    },
+    () => asTextResource(quickstartUri, buildQuickstartText(), "text/markdown")
+  );
+  const errorsMeta = byKey.get("errors");
+  const errorsUri = new URL(RESOURCE_URIS.errors);
+  server.registerResource(
+    errorsMeta.name,
+    errorsUri.toString(),
+    {
+      title: errorsMeta.title,
+      description: errorsMeta.description,
+      mimeType: errorsMeta.mimeType
+    },
+    () => asTextResource(errorsUri, buildErrorsText(), "text/markdown")
+  );
+}
+
+// src/server.ts
+var SERVER_VERSION = true ? "0.2.0" : "0.0.0-dev";
+function formatErrorMessage(err) {
+  const message = err instanceof Error ? err.message : String(err);
+  const m = /^Error \[([A-Z_]+)\]:\s*(.*)$/.exec(message);
+  if (m) {
+    const [, code, rest] = m;
+    if (code === "INTERNAL" /* INTERNAL */) {
+      return `Error [${"INTERNAL" /* INTERNAL */}]: ${redactPaths(rest)}`;
+    }
+    return message;
+  }
+  return `Error [${"INTERNAL" /* INTERNAL */}]: ${redactPaths(message)}`;
+}
+function toStructuredContent(value) {
+  if (typeof value === "object" && value !== null && !Array.isArray(value)) {
+    return value;
+  }
+  return { value };
+}
+function createServer(serverCwd) {
+  const sessionManager = new SessionManager();
+  const server = new McpServer({
+    name: "codex-mcp",
+    version: SERVER_VERSION
+  });
+  registerResources(server, { version: SERVER_VERSION, sessionManager });
+  const publicSessionInfoSchema = z.object({
+    sessionId: z.string(),
+    status: z.enum(["running", "idle", "waiting_approval", "error", "cancelled"]),
+    createdAt: z.string(),
+    lastActiveAt: z.string(),
+    cancelledAt: z.string().optional(),
+    cancelledReason: z.string().optional(),
+    model: z.string().optional(),
+    approvalPolicy: z.enum(APPROVAL_POLICIES).optional(),
+    sandbox: z.enum(SANDBOX_MODES).optional(),
+    pendingRequestCount: z.number().int()
+  });
+  const errorOutputShape = {
+    error: z.string().optional(),
+    isError: z.boolean().optional()
+  };
+  const sessionStartOutputShape = {
+    sessionId: z.string().optional(),
+    threadId: z.string().optional(),
+    status: z.enum(["running", "idle"]).optional(),
+    pollInterval: z.number().int().optional().describe(
+      "Recommended minimum delay before next poll (ms): running >=120000, waiting_approval ~=1000."
+    ),
+    ...errorOutputShape
+  };
+  server.registerTool(
+    "codex",
+    {
+      title: "Start Codex Session",
+      description: "Start session asynchronously and return `{ sessionId, threadId, status, pollInterval }`. Use `pollInterval` as a minimum hint: `running` >=120000ms (increase for long tasks), `waiting_approval` ~=1000ms.",
+      inputSchema: {
+        prompt: z.string().describe("Task or question"),
+        approvalPolicy: z.enum(APPROVAL_POLICIES).describe("Required enum: untrusted/on-failure/on-request/never."),
+        sandbox: z.enum(SANDBOX_MODES).describe("Required enum: read-only/workspace-write/danger-full-access."),
+        effort: z.enum(EFFORT_LEVELS).default(DEFAULT_EFFORT_LEVEL).describe("Reasoning effort (default: low)."),
+        cwd: z.string().optional().describe("Working directory (default: server cwd)."),
+        model: z.string().optional().describe("Model override (default: config.toml)"),
+        profile: z.string().optional().describe("Profile name (default: CLI default profile)."),
+        advanced: z.object({
+          baseInstructions: z.string().optional().describe("Replace system instructions."),
+          developerInstructions: z.string().optional().describe("Extra developer instructions."),
+          personality: z.enum(PERSONALITIES).optional().describe("Personality (default: config.toml)."),
+          summary: z.enum(SUMMARY_MODES).optional().describe("Summary mode (default: config.toml)."),
+          config: z.record(z.string(), z.unknown()).optional().describe("Override config values."),
+          ephemeral: z.boolean().optional().describe("Do not persist thread (default: false)."),
+          outputSchema: z.record(z.string(), z.unknown()).optional().describe("Structured output schema."),
+          images: z.array(z.string()).optional().describe("Local image paths."),
+          approvalTimeoutMs: z.number().int().positive().default(DEFAULT_APPROVAL_TIMEOUT_MS).optional().describe(`Auto-decline timeout in ms (default: ${DEFAULT_APPROVAL_TIMEOUT_MS})`)
+        }).optional().describe("Advanced settings.")
+      },
+      outputSchema: sessionStartOutputShape,
+      annotations: {
+        title: "Start Codex Session",
+        readOnlyHint: false,
+        destructiveHint: true,
+        idempotentHint: false,
+        openWorldHint: true
+      }
+    },
+    async (args) => {
+      try {
+        const result = await executeCodex(args, sessionManager, serverCwd);
+        return {
+          content: [{ type: "text", text: JSON.stringify(result, null, 2) }],
+          structuredContent: toStructuredContent(result),
+          isError: false
+        };
+      } catch (err) {
+        const message = formatErrorMessage(err);
+        return {
+          content: [{ type: "text", text: message }],
+          structuredContent: { error: message, isError: true },
+          isError: true
+        };
+      }
+    }
+  );
+  server.registerTool(
+    "codex_reply",
+    {
+      title: "Continue Codex Session",
+      description: "Continue existing session. Allowed in `idle`/`error`; otherwise `SESSION_BUSY`. Returns immediately. Use `pollInterval` as a minimum hint: `running` >=120000ms, `waiting_approval` ~=1000ms.",
+      inputSchema: {
+        sessionId: z.string().describe("Session ID from codex tool"),
+        prompt: z.string().describe("Follow-up message"),
+        model: z.string().optional().describe("Override model."),
+        approvalPolicy: z.enum(APPROVAL_POLICIES).optional().describe("Override approval policy."),
+        effort: z.enum(EFFORT_LEVELS).optional().describe("Override effort."),
+        summary: z.enum(SUMMARY_MODES).optional().describe("Override summary."),
+        personality: z.enum(PERSONALITIES).optional().describe("Override personality."),
+        sandbox: z.enum(SANDBOX_MODES).optional().describe("Override sandbox."),
+        cwd: z.string().optional().describe("Override cwd."),
+        outputSchema: z.record(z.string(), z.unknown()).optional().describe("Structured output schema override (top-level in codex_reply).")
+      },
+      outputSchema: sessionStartOutputShape,
+      annotations: {
+        title: "Continue Codex Session",
+        readOnlyHint: false,
+        destructiveHint: true,
+        idempotentHint: false,
+        openWorldHint: true
+      }
+    },
+    async (args) => {
+      try {
+        const result = await executeCodexReply(args, sessionManager);
+        return {
+          content: [{ type: "text", text: JSON.stringify(result, null, 2) }],
+          structuredContent: toStructuredContent(result),
+          isError: false
+        };
+      } catch (err) {
+        const message = formatErrorMessage(err);
+        return {
+          content: [{ type: "text", text: message }],
+          structuredContent: { error: message, isError: true },
+          isError: true
+        };
+      }
+    }
+  );
+  server.registerTool(
+    "codex_session",
+    {
+      title: "Manage Sessions",
+      description: `Session actions: list, get, cancel, interrupt, fork.
+
+- list: sessions in memory.
+- get: details. includeSensitive defaults to false; true adds threadId/cwd/profile/config.
+- cancel: terminal.
+- interrupt: stop current turn.
+- fork: clone current thread into a new session; source remains unchanged.`,
+      inputSchema: {
+        action: z.enum(SESSION_ACTIONS),
+        sessionId: z.string().optional().describe("Required for get/cancel/interrupt/fork"),
+        includeSensitive: z.boolean().default(false).optional().describe("Include cwd/config/threadId/profile in get (default: false)")
+      },
+      outputSchema: {
+        sessions: z.array(publicSessionInfoSchema).optional(),
+        sessionId: z.string().optional(),
+        status: z.enum(["running", "idle", "waiting_approval", "error", "cancelled"]).optional(),
+        createdAt: z.string().optional(),
+        lastActiveAt: z.string().optional(),
+        cancelledAt: z.string().optional(),
+        cancelledReason: z.string().optional(),
+        model: z.string().optional(),
+        approvalPolicy: z.enum(APPROVAL_POLICIES).optional(),
+        sandbox: z.enum(SANDBOX_MODES).optional(),
+        pendingRequestCount: z.number().int().optional(),
+        threadId: z.string().optional(),
+        cwd: z.string().optional(),
+        profile: z.string().optional(),
+        config: z.record(z.string(), z.unknown()).optional(),
+        pollInterval: z.number().int().optional().describe(
+          "Recommended minimum delay before next poll (ms): running >=120000, waiting_approval ~=1000."
+        ),
+        success: z.boolean().optional(),
+        message: z.string().optional(),
+        ...errorOutputShape
+      },
+      annotations: {
+        title: "Manage Sessions",
+        readOnlyHint: false,
+        destructiveHint: true,
+        idempotentHint: false,
+        openWorldHint: false
+      }
+    },
+    async (args) => {
+      try {
+        const result = await executeCodexSession(args, sessionManager);
+        const isError = typeof result.isError === "boolean" ? result.isError : false;
+        return {
+          content: [{ type: "text", text: JSON.stringify(result, null, 2) }],
+          structuredContent: toStructuredContent(result),
+          isError
+        };
+      } catch (err) {
+        const message = formatErrorMessage(err);
+        return {
+          content: [{ type: "text", text: message }],
+          structuredContent: { error: message, isError: true },
+          isError: true
+        };
+      }
+    }
+  );
+  server.registerTool(
+    "codex_check",
+    {
+      title: "Poll & Respond",
+      description: `Poll session for events or respond to approval/input requests.
+
+POLLING FREQUENCY: Do NOT poll every turn. Codex tasks take minutes, not seconds.
+- Treat pollInterval as a minimum hint, not a fixed schedule.
+- "running": never poll faster than 120000ms (2 minutes); use longer intervals for longer tasks.
+- "waiting_approval": poll about every 1000ms and respond quickly to actions[].
+- When status is "idle"/"error"/"cancelled": stop polling, the session is done.
+
+poll: events since cursor. Default maxEvents=${POLL_DEFAULT_MAX_EVENTS}.
+
+respond_permission: approval decision. Default maxEvents=${RESPOND_DEFAULT_MAX_EVENTS} (compact ACK).
+
+respond_approval: deprecated alias for respond_permission.
+
+respond_user_input: user-input answers. Default maxEvents=${RESPOND_DEFAULT_MAX_EVENTS} (compact ACK).
+
+events[].type is coarse-grained; details are in events[].data.method.
+cursor omitted => use session last cursor. cursorResetTo => reset and continue.`,
+      inputSchema: {
+        action: z.enum(CHECK_ACTIONS),
+        sessionId: z.string().describe("Target session ID"),
+        cursor: z.number().int().nonnegative().optional().describe("Event cursor (default: session last consumed cursor)."),
+        maxEvents: z.number().int().nonnegative().optional().describe(
+          `Max events. Default: poll=${POLL_DEFAULT_MAX_EVENTS} (min ${POLL_MIN_MAX_EVENTS}), respond_*=${RESPOND_DEFAULT_MAX_EVENTS}.`
+        ),
+        responseMode: z.enum(RESPONSE_MODES).optional().describe("Response mode. Default: minimal. Options: minimal/delta_compact/full."),
+        pollOptions: z.object({
+          includeEvents: z.boolean().optional().describe("Default: true. Include events[] in response."),
+          includeActions: z.boolean().optional().describe("Default: true. Include actions[] in response."),
+          includeResult: z.boolean().optional().describe("Default: true. Include result in response."),
+          maxBytes: z.number().int().positive().optional().describe("Default: unlimited. Best-effort response payload cap in bytes."),
+          includeTools: z.boolean().optional().describe("Default: false. Reserved for future dynamic tool metadata support.")
+        }).optional().describe("Optional poll shaping controls."),
+        // respond_permission/respond_approval
+        requestId: z.string().optional().describe("Request ID from actions[]"),
+        decision: z.enum(ALL_DECISIONS).optional().describe(
+          "Approval decision for respond_permission/respond_approval. acceptWithExecpolicyAmendment requires execpolicyAmendment."
+        ),
+        execpolicyAmendment: z.array(z.string()).optional().describe("For acceptWithExecpolicyAmendment only"),
+        denyMessage: z.string().optional().describe("Deny reason (not sent to agent)"),
+        // respond_user_input
+        answers: z.record(
+          z.string(),
+          z.object({
+            answers: z.array(z.string())
+          })
+        ).optional().describe("questionId -> answers map (questionId from actions[] user_input request).")
+      },
+      outputSchema: {
+        sessionId: z.string().optional(),
+        status: z.enum(["running", "idle", "waiting_approval", "error", "cancelled"]).optional(),
+        pollInterval: z.number().int().optional().describe(
+          "Recommended minimum delay before next poll (ms): running >=120000, waiting_approval ~=1000."
+        ),
+        events: z.array(
+          z.object({
+            id: z.number().int(),
+            type: z.enum([
+              "output",
+              "progress",
+              "approval_request",
+              "approval_result",
+              "result",
+              "error"
+            ]),
+            data: z.unknown(),
+            timestamp: z.string()
+          })
+        ).optional(),
+        nextCursor: z.number().int().optional(),
+        cursorResetTo: z.number().int().optional(),
+        actions: z.array(
+          z.object({
+            type: z.enum(["approval", "user_input"]),
+            requestId: z.string(),
+            kind: z.string(),
+            params: z.unknown(),
+            itemId: z.string(),
+            reason: z.string().optional(),
+            createdAt: z.string()
+          })
+        ).optional(),
+        result: z.object({
+          turnId: z.string(),
+          output: z.string().optional(),
+          structuredOutput: z.unknown().optional(),
+          turn: z.unknown().optional(),
+          status: z.string().optional(),
+          turnError: z.unknown().optional(),
+          error: z.string().optional(),
+          completedAt: z.string()
+        }).optional(),
+        compatWarnings: z.array(z.string()).optional(),
+        truncated: z.boolean().optional(),
+        truncatedFields: z.array(z.string()).optional(),
+        ...errorOutputShape
+      },
+      annotations: {
+        title: "Poll & Respond",
+        readOnlyHint: false,
+        destructiveHint: false,
+        idempotentHint: false,
+        openWorldHint: false
+      }
+    },
+    async (args) => {
+      try {
+        const result = executeCodexCheck(args, sessionManager);
+        const isError = typeof result.isError === "boolean" ? result.isError : false;
+        return {
+          content: [{ type: "text", text: JSON.stringify(result, null, 2) }],
+          structuredContent: toStructuredContent(result),
+          isError
+        };
+      } catch (err) {
+        const message = formatErrorMessage(err);
+        return {
+          content: [{ type: "text", text: message }],
+          structuredContent: { error: message, isError: true },
+          isError: true
+        };
+      }
+    }
+  );
+  const originalClose = server.close.bind(server);
+  server.close = async () => {
+    sessionManager.destroy();
+    await originalClose();
+  };
+  return server;
+}
+
+// src/index.ts
+async function main() {
+  const preflight = runStdioPreflight();
+  for (const note of preflight.notes) {
+    console.error(`[stdio] ${note}`);
+  }
+  if (preflight.riskLevel === "elevated") {
+    console.error(`[stdio] Elevated stdout contamination risk detected (mode=${preflight.mode}).`);
+    for (const reason of preflight.riskReasons) {
+      console.error(`[stdio] Reason: ${reason}`);
+    }
+    for (const suggestion of preflight.suggestions) {
+      console.error(`[stdio] Suggestion: ${suggestion}`);
+    }
+  }
+  if (preflight.shouldBlock) {
+    throw new Error(
+      "STDIO preflight failed in strict mode due to blocking stdout contamination risk"
+    );
+  }
+  const serverCwd = process.cwd();
+  const server = createServer(serverCwd);
+  const transport = new StdioServerTransport();
+  let closing = false;
+  const shutdown = async () => {
+    if (closing) return;
+    closing = true;
+    try {
+      await server.close();
+    } catch {
+    }
+    process.exitCode = 0;
+    const exitTimer = setTimeout(() => process.exit(0), 100);
+    exitTimer.unref();
+  };
+  process.on("SIGINT", shutdown);
+  process.on("SIGTERM", shutdown);
+  process.on("SIGBREAK", shutdown);
+  await server.connect(transport);
+  console.error(`codex-mcp server started (cwd: ${serverCwd})`);
+}
+main().catch((err) => {
+  console.error("Fatal error:", err);
+  process.exit(1);
+});
+//# sourceMappingURL=index.js.map