clawdex-mobile 1.1.0 → 1.1.2

package/.github/workflows/ci.yml

@@ -4,6 +4,8 @@ on:
   push:
     branches:
       - "**"
+    tags:
+      - "v*"
   pull_request:
   workflow_dispatch:
 

package/.github/workflows/npm-release.yml

@@ -11,7 +11,7 @@ concurrency:
   cancel-in-progress: false
 
 permissions:
-  contents: read
+  contents: write
 
 jobs:
   publish:
@@ -32,9 +32,25 @@ jobs:
           cache: npm
           cache-dependency-path: package-lock.json
 
+      - name: Setup Rust toolchain
+        uses: dtolnay/rust-toolchain@stable
+
+      - name: Cache Rust dependencies
+        uses: Swatinem/rust-cache@v2
+
       - name: Install dependencies
         run: npm ci
 
+      - name: Verify Rust bridge compiles
+        working-directory: services/rust-bridge
+        run: cargo check --locked
+
+      - name: Run monorepo quality gates
+        run: |
+          npm run lint
+          npm run typecheck
+          npm run test
+
       - name: Verify package is publishable
         run: |
           node -e "const p=require('./package.json'); if (p.private) { throw new Error('package.json has private=true; cannot publish'); } if (!p.name || !p.version) { throw new Error('package.json must include name + version'); }"
@@ -65,3 +81,14 @@ jobs:
         env:
           NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
         run: npm publish --access public
+
+      - name: Create or update GitHub release
+        if: startsWith(github.ref, 'refs/tags/')
+        env:
+          GH_TOKEN: ${{ github.token }}
+        run: |
+          if gh release view "${GITHUB_REF_NAME}" >/dev/null 2>&1; then
+            gh release edit "${GITHUB_REF_NAME}" --latest
+          else
+            gh release create "${GITHUB_REF_NAME}" --title "${GITHUB_REF_NAME}" --generate-notes --latest
+          fi

package/apps/mobile/src/api/__tests__/client.test.ts

@@ -474,7 +474,7 @@ describe('HostBridgeApiClient', () => {
     );
   });
 
-  it('resumeThread() retries with legacy payload when modern resume params are rejected', async () => {
+  it('resumeThread() retries with compatibility payload when modern resume params are rejected', async () => {
     const ws = createWsMock();
     ws.request
       .mockRejectedValueOnce(new Error('unknown field `experimentalRawEvents`'))
@@ -498,11 +498,52 @@ describe('HostBridgeApiClient', () => {
       expect.objectContaining({
         threadId: 'thr_resume',
         approvalPolicy: 'on-request',
+        developerInstructions: expect.any(String),
+        experimentalRawEvents: true,
+      })
+    );
+  });
+
+  it('resumeThread() falls back to legacy payload when compatibility retry is rejected', async () => {
+    const ws = createWsMock();
+    ws.request
+      .mockRejectedValueOnce(new Error('unknown field `experimentalRawEvents`'))
+      .mockRejectedValueOnce(new Error('invalid params for resume options'))
+      .mockResolvedValueOnce({});
+
+    const client = new HostBridgeApiClient({ ws: ws as unknown as HostBridgeWsClient });
+    await expect(client.resumeThread('thr_resume_legacy')).resolves.toBeUndefined();
+
+    expect(ws.request).toHaveBeenNthCalledWith(
+      1,
+      'thread/resume',
+      expect.objectContaining({
+        threadId: 'thr_resume_legacy',
+        experimentalRawEvents: true,
+        approvalPolicy: 'untrusted',
+      })
+    );
+    expect(ws.request).toHaveBeenNthCalledWith(
+      2,
+      'thread/resume',
+      expect.objectContaining({
+        threadId: 'thr_resume_legacy',
+        approvalPolicy: 'on-request',
+        developerInstructions: expect.any(String),
+        experimentalRawEvents: true,
+      })
+    );
+    expect(ws.request).toHaveBeenNthCalledWith(
+      3,
+      'thread/resume',
+      expect.objectContaining({
+        threadId: 'thr_resume_legacy',
+        approvalPolicy: 'on-request',
         developerInstructions: null,
       })
     );
 
-    const legacyPayload = ws.request.mock.calls[1]?.[1] as Record<string, unknown>;
+    const legacyPayload = ws.request.mock.calls[2]?.[1] as Record<string, unknown>;
     expect(legacyPayload).not.toHaveProperty('experimentalRawEvents');
   });
 

package/apps/mobile/src/api/client.ts

@@ -338,21 +338,30 @@ export class HostBridgeApiClient {
       await this.ws.request('thread/resume', primaryRequest);
       return;
     } catch (primaryError) {
-      // Compatibility fallback for older app-server builds that reject
-      // experimentalRawEvents or strict policy combinations on resume.
-      const legacyRequest = {
+      // First fallback: keep raw-event streaming enabled, but relax approval policy.
+      const compatibilityRequest = {
         ...primaryRequest,
         approvalPolicy: fallbackApprovalPolicy,
-        developerInstructions: null,
       };
-      delete (legacyRequest as { experimentalRawEvents?: boolean }).experimentalRawEvents;
       try {
-        await this.ws.request('thread/resume', legacyRequest);
+        await this.ws.request('thread/resume', compatibilityRequest);
         return;
-      } catch (legacyError) {
-        throw new Error(
-          `thread/resume failed: ${(primaryError as Error).message}; fallback failed: ${(legacyError as Error).message}`
-        );
+      } catch (compatibilityError) {
+        // Final compatibility fallback for older app-server builds that reject
+        // experimentalRawEvents/developerInstructions on resume.
+        const legacyRequest = {
+          ...compatibilityRequest,
+          developerInstructions: null,
+        };
+        delete (legacyRequest as { experimentalRawEvents?: boolean }).experimentalRawEvents;
+        try {
+          await this.ws.request('thread/resume', legacyRequest);
+          return;
+        } catch (legacyError) {
+          throw new Error(
+            `thread/resume failed: ${(primaryError as Error).message}; compatibility failed: ${(compatibilityError as Error).message}; legacy fallback failed: ${(legacyError as Error).message}`
+          );
+        }
       }
     }
   }

package/apps/mobile/src/screens/MainScreen.tsx

@@ -130,7 +130,7 @@ const MAX_VISIBLE_TOOL_BLOCKS = 3;
 const RUN_WATCHDOG_MS = 60_000;
 const LIKELY_RUNNING_RECENT_UPDATE_MS = 30_000;
 const ACTIVE_CHAT_SYNC_INTERVAL_MS = 2_000;
-const IDLE_CHAT_SYNC_INTERVAL_MS = 10_000;
+const IDLE_CHAT_SYNC_INTERVAL_MS = 2_500;
 const THREAD_RESUME_RETRY_MS = 1_500;
 const CHAT_MODEL_PREFERENCES_FILE = 'chat-model-preferences.json';
 const CHAT_MODEL_PREFERENCES_VERSION = 1;
@@ -4084,6 +4084,10 @@ export const MainScreen = forwardRef<MainScreenHandle, MainScreenProps>(
           const threadId =
             readString(params?.threadId) ?? readString(params?.thread_id);
           if (threadId && threadId === currentId) {
+            // External clients (CLI/TUI) may start turns without pushing full live
+            // notifications through this app-server process. Force a lightweight
+            // resume attempt to attach to fresh stream state early.
+            ensureThreadResumeSubscription(threadId, { force: true });
             api
               .getChatSummary(threadId)
               .then((summary) => {
@@ -4210,11 +4214,11 @@ export const MainScreen = forwardRef<MainScreenHandle, MainScreenProps>(
           const shouldRunFromWatchdog = runWatchdogUntilRef.current > Date.now();
           const shouldShowRunning = shouldRunFromChat || shouldRunFromWatchdog;
 
-          if (shouldRunFromChat) {
-            // Only attach a live subscription when the server-reported status
-            // is actively running; avoid resuming idle historical chats.
-            ensureThreadResumeSubscription(selectedChatId);
-          }
+          // Keep a light resume heartbeat even while idle so externally-started
+          // turns are discovered quickly and can stream status/tool updates.
+          ensureThreadResumeSubscription(selectedChatId, {
+            force: shouldRunFromChat,
+          });
 
           if (shouldShowRunning && !hasPendingApproval && !hasPendingUserInput) {
             setActivity((prev) => {

package/docs/codex-app-server-cli-gap-tracker.md

@@ -0,0 +1,81 @@
+# Codex App-Server + CLI Gap Tracker
+
+Last updated: February 24, 2026
+
+## Scope
+This tracker compares `clawdex-mobile` against current Codex app-server + CLI capabilities and records what still needs to be added.
+
+## Gap 1: App-Server Protocol Parity
+Status: In progress (first implementation pass completed)
+
+### Implemented in this pass
+- Expanded rust-bridge forwarded app-server client methods to include newer slash/API endpoints.
+- Added legacy approval request compatibility for `applyPatchApproval` and `execCommandApproval`.
+- Added decision translation between modern and legacy approval response formats.
+- Added explicit handling for `item/tool/call` server requests (returns structured unsupported result instead of generic method-not-found).
+- Added explicit handling for `account/chatgptAuthTokens/refresh` server requests:
+  - Uses `BRIDGE_CHATGPT_ACCESS_TOKEN` + `BRIDGE_CHATGPT_ACCOUNT_ID` when present.
+  - Emits descriptive error when not configured.
+
+### Forwarded methods added
+- `account/login/cancel`
+- `account/login/start`
+- `account/logout`
+- `account/rateLimits/read`
+- `account/read`
+- `collaborationMode/list`
+- `config/batchWrite`
+- `config/mcpServer/reload`
+- `config/read`
+- `config/value/write`
+- `configRequirements/read`
+- `experimentalFeature/list`
+- `feedback/upload`
+- `fuzzyFileSearch/sessionStart`
+- `fuzzyFileSearch/sessionStop`
+- `fuzzyFileSearch/sessionUpdate`
+- `mcpServer/oauth/login`
+- `mcpServerStatus/list`
+- `mock/experimentalMethod`
+- `skills/config/write`
+- `skills/remote/export`
+- `skills/remote/list`
+- `thread/backgroundTerminals/clean`
+
+### Remaining inside Gap 1
+- Native execution of dynamic tool calls (`item/tool/call`) is still not implemented in mobile/bridge; currently returns `success: false`.
+- Token refresh relies on environment variables; no mobile UI flow exists yet for account token refresh.
+
+## Remaining Gaps (Beyond Gap 1)
+
+### Gap 2: Slash Command Coverage in Mobile
+- Many Codex CLI slash commands are not exposed as first-class actions in mobile UX.
+- Mobile currently has partial command shortcuts and multiple unsupported command branches.
+
+### Gap 3: Account/Auth UX
+- No dedicated mobile flow for login state, logout, account details, or rate limits.
+- Auth refresh is still operationally env-driven in bridge, not user-driven in app.
+
+### Gap 4: MCP + Tooling UX
+- No end-to-end UI for MCP server status, reload, OAuth login, or remote skills list/export.
+- Dynamic tool calls do not execute on mobile yet.
+
+### Gap 5: Collaboration/Plan Mode UX
+- `collaborationMode/list` can now be forwarded, but there is no complete plan-mode UX in mobile.
+- `request_user_input` has baseline support, but no richer structured workflows.
+
+### Gap 6: Resilience + Reconnect
+- WebSocket reconnect/backoff behavior is still limited on mobile.
+- Slow/broken client recovery remains a known risk path.
+
+### Gap 7: Security Hardening
+- Bridge remains trusted-network oriented with optional no-auth local mode.
+- High-risk endpoints (`bridge/terminal/exec`, `bridge/git/*`) need stronger authz controls for wider deployment.
+
+### Gap 8: Contract/Regression Testing
+- No automated contract sync against generated app-server schema.
+- Missing CI guardrails to detect newly added app-server methods or server-request variants.
+
+### Gap 9: Docs and Operator Runbooks
+- Need user-facing docs for new app-server capabilities as they are surfaced in mobile.
+- Need operational docs for auth/token refresh and MCP/OAuth troubleshooting.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clawdex-mobile",
-  "version": "1.1.0",
+  "version": "1.1.2",
   "publishConfig": {
     "access": "public"
   },

package/scripts/codex-live-demo.sh

@@ -0,0 +1,69 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+# Demo launcher for a patched Codex TUI build that live-syncs rollout updates.
+# It replaces the old tmux restart workaround.
+
+DEFAULT_CODEX_SRC="/tmp/openai-codex-latest/codex-rs"
+CODEX_SRC="${CODEX_SRC:-$DEFAULT_CODEX_SRC}"
+PATCHED_APP_RS="${PATCHED_APP_RS:-$CODEX_SRC/tui/src/app.rs}"
+PATCHED_TUI_BIN="${PATCHED_TUI_BIN:-$CODEX_SRC/target/debug/codex-tui}"
+
+usage() {
+  cat <<'EOF'
+Usage:
+  scripts/codex-live-demo.sh [codex-tui args...]
+
+Environment overrides:
+  CODEX_SRC                  (default: /tmp/openai-codex-latest/codex-rs)
+  PATCHED_APP_RS             (default: $CODEX_SRC/tui/src/app.rs)
+  PATCHED_TUI_BIN            (default: $CODEX_SRC/target/debug/codex-tui)
+
+Notes:
+  - This starts the patched TUI binary directly.
+  - Bridge/app-server can continue using stock codex:
+      CODEX_CLI_BIN=/opt/homebrew/bin/codex
+  - If PATCHED_TUI_BIN is missing, the script will build it via:
+      cargo test -p codex-tui
+EOF
+}
+
+if [[ "${1:-}" == "--help" || "${1:-}" == "-h" ]]; then
+  usage
+  exit 0
+fi
+
+if ! command -v cargo >/dev/null 2>&1; then
+  echo "cargo is required" >&2
+  exit 1
+fi
+
+if [[ ! -f "$PATCHED_APP_RS" ]]; then
+  echo "patched source file not found: $PATCHED_APP_RS" >&2
+  echo "set CODEX_SRC or PATCHED_APP_RS to your patched codex-rs checkout" >&2
+  exit 1
+fi
+
+if ! command -v rg >/dev/null 2>&1 || ! rg -q 'ROLLOUT_LIVE_SYNC_INTERVAL' "$PATCHED_APP_RS"; then
+  echo "warning: patch marker not found in $PATCHED_APP_RS" >&2
+  echo "continuing anyway; verify your checkout includes rollout live sync changes" >&2
+fi
+
+if [[ ! -x "$PATCHED_TUI_BIN" ]]; then
+  echo "building patched codex-tui at: $CODEX_SRC"
+  (cd "$CODEX_SRC" && cargo test -p codex-tui >/dev/null)
+fi
+
+if [[ ! -x "$PATCHED_TUI_BIN" ]]; then
+  echo "patched codex-tui binary not found after build: $PATCHED_TUI_BIN" >&2
+  exit 1
+fi
+
+echo "launching patched Codex TUI:"
+echo "  $PATCHED_TUI_BIN $*"
+echo
+echo "for bridge/app-server, keep stock codex binary configured:"
+echo "  CODEX_CLI_BIN=/opt/homebrew/bin/codex"
+echo
+
+exec "$PATCHED_TUI_BIN" "$@"

package/services/rust-bridge/.env.example

@@ -7,5 +7,8 @@ BRIDGE_ALLOW_QUERY_TOKEN_AUTH=false
 BRIDGE_ALLOW_OUTSIDE_ROOT_CWD=true
 BRIDGE_DISABLE_TERMINAL_EXEC=false
 BRIDGE_TERMINAL_ALLOWED_COMMANDS=pwd,ls,cat,git
+BRIDGE_CHATGPT_ACCESS_TOKEN=
+BRIDGE_CHATGPT_ACCOUNT_ID=
+BRIDGE_CHATGPT_PLAN_TYPE=
 CODEX_CLI_BIN=codex
 CODEX_CLI_TIMEOUT_MS=180000